GM/T 0044.3-2016 Identity-based cryptographic algorithms SM9 - Part 3: Key exchange protocol
1 Scope
This part of GM/T 0044-2016 describes an identity-based key exchange protocol built upon pairings from elliptic curves, and specifies the corresponding processes. This protocol enables two communication entities to compute a shared secret key, which is generated from input provided by both entities, as the result of two or (optionally) three message exchanges over the identity of the peer entity and their own private key. The shared secret key can be used as the session key of symmetric cryptographic algorithms. The optional message exchange step in the protocol allows for key confirmation.
This part applies to key management and agreement.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes the requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GM/T 0004, SM3 Cryptographic Hash Algorithm GM/T 0005, Randomness Test Specification
GM/T 0044.1‒2016, SM9 Identity-based Cryptographic Algorithms — Part 1: General GM/Z 4001, Cryptographic Terminology
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1 key agreement
process to generate a shared secret key among multiple users, where no user can determine the value of the key beforehand
3.2 key confirmation from A to B
assurance for user B that user A is in possession of the correct key
3.3 key derivation function
function that generates one or more shared secret keys from shared secrets and other parameters known to both entities
3.4 initiator
entity which initiates the first round of message exchange in the protocol
3.5 responder
entity that does not initiate the first round of message exchange in the protocol
3.6 encryption master key
topmost key in the key hierarchy of an identity–based cryptographic system, composed of the encryption master private key and the encryption master public key. The encryption master public key is publicly available while the encryption master private key is kept secret by the KGC. The KGC generates the user’s encryption private key by using the encryption master private key and the user’s identity. In an identity–based cryptographic system, the encryption master private key is usually generated by the KGC using random number generators, while the encryption master public key is generated with the encryption master private key and the system parameters
3.7 identity
information that can be used to confirm the identity of an entity, composed of non-repudiable information about the entity, such as its distinguishable name, email address, identity card number, telephone number, and street address.
3.8 key generation center (KGC)
trusted authority responsible for the selection of system parameters, generation of the encryption master keys, and generation of users’ encryption private keys (in this part)
4 Symbols
The following symbols apply to this part.
A, B: two users A and B using the identity-based cryptographic system
cf: cofactor of the order of an elliptic curve relative to N
