[go: up one dir, main page]

CN117811737B - Data processing method and device and electronic equipment - Google Patents

Data processing method and device and electronic equipment Download PDF

Info

Publication number
CN117811737B
CN117811737B CN202311865436.2A CN202311865436A CN117811737B CN 117811737 B CN117811737 B CN 117811737B CN 202311865436 A CN202311865436 A CN 202311865436A CN 117811737 B CN117811737 B CN 117811737B
Authority
CN
China
Prior art keywords
processing modules
sub
processing
value
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311865436.2A
Other languages
Chinese (zh)
Other versions
CN117811737A (en
Inventor
罗影
陈彦平
安晓江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haitai Fangyuan High Technology Co Ltd
Original Assignee
Beijing Haitai Fangyuan High Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haitai Fangyuan High Technology Co Ltd filed Critical Beijing Haitai Fangyuan High Technology Co Ltd
Priority to CN202311865436.2A priority Critical patent/CN117811737B/en
Publication of CN117811737A publication Critical patent/CN117811737A/en
Application granted granted Critical
Publication of CN117811737B publication Critical patent/CN117811737B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Algebra (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application is applied to the technical field of data security, and provides a data processing method, a data processing device and electronic equipment, which are used for improving the operation efficiency of a KDF algorithm, so that the data processing efficiency is improved. The method comprises the following steps: the first equipment acquires an abscissa value of any coordinate point on the elliptic curve and an ordinate value of the coordinate point; the first device comprises p processing modules; the first device determines a general iteration value according to the abscissa value and the ordinate value, and inputs the general iteration value into p processing modules; the first equipment generates a parameter set and inputs p first parameters contained in the parameter set into p processing modules; the first device invokes p processing modules and performs the following steps in each processing module: calculating the input first parameter and the general iteration value, and outputting a first sub-result; the first device determines a key result corresponding to the elliptic curve according to the p first sub-results.

Description

一种数据处理方法、装置及电子设备Data processing method, device and electronic equipment

技术领域Technical Field

本申请涉及数据安全技术领域,尤其涉及一种数据处理方法、装置及电子设备。The present application relates to the field of data security technology, and in particular to a data processing method, device and electronic device.

背景技术Background Art

随着信息化和计算机技术的发展,网络安全问题已成为信息时代人类共同面临的挑战。SM2椭圆曲线公钥密码算法(或称SM2算法)是一种常见的公钥密码算法,在云计算、网络数据传输等场景中,数据处理设备可以通过SM2算法对数据进行加解密,从而提高数据传输过程中的安全性。其中,SM2算法包括密钥派生算法(key derivation function,KDF)(或称KDF算法)。SM2算法使用的KDF算法的执行过程中需要通过计数器控制实现以下循环操作:确定迭代值,根据迭代值和计数器对应的参数进行运算。显然,KDF算法中的循环操作下的运算效率较低,从而导致通过SM2算法对数据进行加解密的效率较低。With the development of informatization and computer technology, network security issues have become a common challenge faced by mankind in the information age. The SM2 elliptic curve public key cryptography algorithm (or SM2 algorithm) is a common public key cryptography algorithm. In cloud computing, network data transmission and other scenarios, data processing equipment can encrypt and decrypt data through the SM2 algorithm, thereby improving the security of data transmission. Among them, the SM2 algorithm includes a key derivation function (KDF) (or KDF algorithm). During the execution of the KDF algorithm used by the SM2 algorithm, the following loop operations need to be implemented through counter control: determine the iteration value, and perform operations based on the parameters corresponding to the iteration value and the counter. Obviously, the computational efficiency under the loop operation in the KDF algorithm is low, which leads to low efficiency in encrypting and decrypting data through the SM2 algorithm.

发明内容Summary of the invention

本申请提供了一种数据处理方法、装置及电子设备,用以提高SM2加解密算法中KDF算法的运算效率,从而提高数据处理效率。The present application provides a data processing method, device and electronic device for improving the operational efficiency of the KDF algorithm in the SM2 encryption and decryption algorithm, thereby improving data processing efficiency.

第一方面,本申请提供了一种数据处理方法,该方法包括:第一设备获取椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值;第一设备包括p个处理模块;p大于或等于2且p为正整数;第一设备根据横坐标值和纵坐标值确定通用迭代值,并将通用迭代值输入p个处理模块中;第一设备生成参数集,并将参数集中包含的p个第一参数输入p个处理模块中;第一设备调用p个处理模块,并在每个处理模块中执行以下步骤:对输入的第一参数和通用迭代值进行运算,输出第一子结果;其中,p个处理模块并行进行运算且每个处理模块执行的运算不同;第一设备根据p个第一子结果确定椭圆曲线对应的密钥结果;第一设备还可以根据所述密钥结果对第一明文数据进行加密得到第一密文数据;或者,第一设备还可以根据所述密钥结果对第二密文数据进行解密得到第二明文数据。In the first aspect, the present application provides a data processing method, which includes: a first device obtains the horizontal coordinate value and the vertical coordinate value of any coordinate point on an elliptic curve; the first device includes p processing modules; p is greater than or equal to 2 and p is a positive integer; the first device determines a universal iteration value based on the horizontal coordinate value and the vertical coordinate value, and inputs the universal iteration value into the p processing modules; the first device generates a parameter set, and inputs the p first parameters contained in the parameter set into the p processing modules; the first device calls p processing modules, and performs the following steps in each processing module: operates on the input first parameter and the universal iteration value, and outputs a first sub-result; wherein the p processing modules perform operations in parallel and each processing module performs different operations; the first device determines the key result corresponding to the elliptic curve based on the p first sub-results; the first device can also encrypt the first plaintext data according to the key result to obtain the first ciphertext data; or, the first device can also decrypt the second ciphertext data according to the key result to obtain the second plaintext data.

基于以上方法,第一设备能够首先计算通用迭代值,然后根据通用迭代值和参数集中不同参数进行并行运算得到多个第一子结果,从而确定密钥结果;无需多次重复确定通用迭代值,并且,能够通过并行运算得到多个第一子结果,提高SM2加解密算法中KDF算法的运算效率,从而提高数据处理效率,从而能够解决通过SM2算法对数据进行加解密的效率较低的问题。Based on the above method, the first device can first calculate the general iteration value, and then perform parallel operations based on the general iteration value and different parameters in the parameter set to obtain multiple first sub-results, thereby determining the key result; there is no need to repeatedly determine the general iteration value, and multiple first sub-results can be obtained through parallel operations, thereby improving the operational efficiency of the KDF algorithm in the SM2 encryption and decryption algorithm, thereby improving data processing efficiency, thereby solving the problem of low efficiency in encrypting and decrypting data using the SM2 algorithm.

在一种可能的设计中,参数集还包括q个第二参数,q小于或等于p且q为正整数;前述确定密钥结果的过程包括:第一设备将q个第二参数输入q个处理模块中;第一设备调用q个处理模块,并在每个处理模块中执行以下步骤:对输入的第二参数和通用迭代值进行运算,输出第二子结果;其中,q个处理模块并行进行运算且每个处理模块执行的运算不同;第一设备根据个第一子结果和q个处理模块输出的q个第二子结果,确定密钥结果;m为参数集中包含的参数的数量。In a possible design, the parameter set further includes q second parameters, q is less than or equal to p and q is a positive integer; the process of determining the key result includes: the first device inputs the q second parameters into q processing modules; the first device calls the q processing modules and performs the following steps in each processing module: operates on the input second parameters and the universal iteration value, and outputs a second sub-result; wherein the q processing modules operate in parallel and each processing module performs a different operation; the first device determines the key result according to The key result is determined by using q first sub-results and q second sub-results output by q processing modules; m is the number of parameters included in the parameter set.

采用该设计,第一设备能够结合q个第二参数对应的第二并行结果,确定密钥结果,从而提高密钥结果的准确性。With this design, the first device can determine the key result by combining the second parallel results corresponding to the q second parameters, thereby improving the accuracy of the key result.

在一种可能的设计中,前述设计中确定密钥结果的过程包括:第一设备获取预设密钥长度;第一设备将p个第一子结果和q个第二子结果进行拼接,得到临时密钥;第一设备根据预设密钥长度,截取临时密钥最左侧的部分比特值,得到密钥结果;密钥结果的长度为预设密钥长度。In one possible design, the process of determining the key result in the aforementioned design includes: the first device obtains a preset key length; the first device concatenates p first sub-results and q second sub-results to obtain a temporary key; the first device intercepts the leftmost part of the bit value of the temporary key according to the preset key length to obtain the key result; the length of the key result is the preset key length.

采用该设计,第一设备可以确定密钥结果的长度为预设密钥长度,从而使得加解密运算更加高效。With this design, the first device can determine that the length of the key result is a preset key length, thereby making encryption and decryption operations more efficient.

在一种可能的设计中,横坐标值和纵坐标值拼接后的长度为512比特。In one possible design, the length of the concatenated horizontal and vertical coordinate values is 512 bits.

在一种可能的设计中,第一设备还可以接收单指令多数据流SIMD指令;SIMD指令用于指示p个处理模块并行进行运算;和/或,第一设备还可以将p个处理模块调度至p个并行执行的线程进行处理;和/或,第一设备还可以通过图像处理器GPU进行p个处理模块的并行运算。In one possible design, the first device can also receive single instruction multiple data (SIMD) instructions; the SIMD instructions are used to instruct p processing modules to perform operations in parallel; and/or, the first device can also schedule the p processing modules to p parallel execution threads for processing; and/or, the first device can also perform parallel operations on the p processing modules through a graphics processor (GPU).

采用该设计,第一设备可以通过多种不同的方式实现并行运算,提高灵活性。With this design, the first device can implement parallel computing in a variety of different ways, thereby improving flexibility.

第二方面,本申请还提供了一种数据处理装置,该装置包括通信模块和处理模块。其中,通信模块,用于接收和发送数据;处理模块,用于执行前述第一方面所示的方法。In a second aspect, the present application further provides a data processing device, which includes a communication module and a processing module, wherein the communication module is used to receive and send data, and the processing module is used to execute the method shown in the first aspect.

在一种可能的示例中,该通信模块具体用于:获取椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值;数据处理装置包括p个处理模块;p大于或等于2且p为正整数;该处理模块具体用于:根据横坐标值和纵坐标值确定通用迭代值,并将通用迭代值输入p个处理模块中;该处理模块还用于:生成参数集,并将参数集中包含的p个第一参数输入p个处理模块中;该处理模块还用于:调用p个处理模块,并在每个该处理模块中执行以下步骤:对输入的第一参数和通用迭代值进行运算,输出第一子结果;其中,p个处理模块并行进行运算且每个处理模块执行的运算不同;该处理模块还用于:根据p个第一子结果确定椭圆曲线对应的密钥结果;该处理模块还用于:根据密钥结果对第一明文数据进行加密得到第一密文数据;或者,根据密钥结果对第二密文数据进行解密得到第二明文数据。In a possible example, the communication module is specifically used to: obtain the horizontal coordinate value and the vertical coordinate value of any coordinate point on the elliptic curve; the data processing device includes p processing modules; p is greater than or equal to 2 and p is a positive integer; the processing module is specifically used to: determine the universal iteration value according to the horizontal coordinate value and the vertical coordinate value, and input the universal iteration value into the p processing modules; the processing module is also used to: generate a parameter set, and input the p first parameters contained in the parameter set into the p processing modules; the processing module is also used to: call p processing modules, and perform the following steps in each of the processing modules: operate on the input first parameter and the universal iteration value, and output a first sub-result; wherein the p processing modules operate in parallel and each processing module performs different operations; the processing module is also used to: determine the key result corresponding to the elliptic curve according to the p first sub-results; the processing module is also used to: encrypt the first plaintext data according to the key result to obtain the first ciphertext data; or, decrypt the second ciphertext data according to the key result to obtain the second plaintext data.

在一种可能的设计中,参数集还包括q个第二参数,q小于或等于p且q为正整数;该处理模块具体用于:将q个第二参数输入q个处理模块中;调用q个处理模块,并在每个该处理模块中执行以下步骤:对输入的第二参数和通用迭代值进行运算,输出第二子结果;其中,q个处理模块并行进行运算且每个处理模块执行的运算不同;根据个第一子结果和q个处理模块输出的q个第二子结果,确定密钥结果;m为参数集中包含的参数的数量。In a possible design, the parameter set further includes q second parameters, q is less than or equal to p and q is a positive integer; the processing module is specifically used to: input the q second parameters into the q processing modules; call the q processing modules, and perform the following steps in each of the processing modules: operate on the input second parameters and the universal iteration value, and output a second sub-result; wherein the q processing modules operate in parallel and each processing module performs a different operation; according to The key result is determined by using q first sub-results and q second sub-results output by q processing modules; m is the number of parameters included in the parameter set.

在一种可能的设计中,该处理模块具体用于:通过该通信模块获取预设密钥长度;将p个第一子结果和q个第二子结果进行拼接,得到临时密钥;根据预设密钥长度,截取临时密钥最左侧的部分比特值,得到密钥结果;密钥结果的长度为预设密钥长度。In one possible design, the processing module is specifically used to: obtain a preset key length through the communication module; concatenate p first sub-results and q second sub-results to obtain a temporary key; according to the preset key length, intercept the leftmost part of the bit value of the temporary key to obtain a key result; the length of the key result is the preset key length.

在一种可能的设计中,横坐标值和纵坐标值拼接后的长度为512比特。In one possible design, the length of the concatenated horizontal and vertical coordinate values is 512 bits.

在一种可能的设计中,该处理模块还用于:通过该通信模块接收单指令多数据流SIMD指令;SIMD指令用于指示p个处理模块并行进行运算;和/或,将p个处理模块调度至p个并行执行的线程进行处理;和/或,通过图像处理器GPU进行p个处理模块的并行运算。In one possible design, the processing module is also used to: receive single instruction multiple data (SIMD) instructions through the communication module; the SIMD instructions are used to instruct p processing modules to perform operations in parallel; and/or, schedule the p processing modules to p parallel execution threads for processing; and/or, perform parallel operations on the p processing modules through a graphics processor (GPU).

第三方面,本申请还提供了一种电子设备,所述电子设备包括处理器和存储器,所述处理器用于执行所述存储器中存储的计算机程序时实现如上述第一方面及其任一可能的设计所述数据处理方法的步骤。In a third aspect, the present application further provides an electronic device comprising a processor and a memory, wherein the processor is used to implement the steps of the data processing method as described in the first aspect above and any possible design thereof when executing a computer program stored in the memory.

第四方面,本申请还提供了一种计算机可读存储介质,其存储有计算机程序,所述计算机程序被处理器执行时实现如上述第一方面及其任一可能的设计所述数据处理方法的步骤。In a fourth aspect, the present application further provides a computer-readable storage medium storing a computer program, which, when executed by a processor, implements the steps of the data processing method as described in the first aspect and any possible design thereof.

第五方面,本申请还提供了一种计算机程序产品,所述计算机程序产品包括计算机程序,所述计算机程序被处理器执行时实现如第一方面及其任一可能的设计所述数据处理方法的步骤。In a fifth aspect, the present application also provides a computer program product, which includes a computer program, and when the computer program is executed by a processor, it implements the steps of the data processing method as described in the first aspect and any possible design thereof.

另外,第二方面至第五方面所带来的技术效果可参见上述第一方面的描述,此处不再赘述。In addition, the technical effects brought about by the second to fifth aspects can be found in the description of the first aspect above and will not be repeated here.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings required for use in the description of the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application. For ordinary technicians in this field, other drawings can be obtained based on these drawings without paying any creative labor.

图1为本申请实施例提供的一种数据加密方法的流程示意图;FIG1 is a schematic diagram of a flow chart of a data encryption method provided in an embodiment of the present application;

图2为本申请实施例提供的一种数据解密方法的流程示意图;FIG2 is a flow chart of a data decryption method provided in an embodiment of the present application;

图3为本申请实施例提供的一种数据处理方法的流程示意图;FIG3 is a schematic diagram of a flow chart of a data processing method provided in an embodiment of the present application;

图4a为本申请实施例提供的一种数据处理流程示例图;FIG4a is a diagram showing an example of a data processing flow provided in an embodiment of the present application;

图4b为本申请实施例提供的另一种数据处理流程示例图;FIG4b is another example diagram of a data processing flow provided in an embodiment of the present application;

图4c为本申请实施例提供的另一种数据处理流程示例图;FIG4c is another example diagram of a data processing flow provided in an embodiment of the present application;

图4d为本申请实施例提供的另一种数据处理流程示例图;FIG4d is another example diagram of a data processing flow provided in an embodiment of the present application;

图5a为本申请实施例提供的一种并行处理的示例图;FIG5a is an example diagram of parallel processing provided by an embodiment of the present application;

图5b为本申请实施例提供的另一种并行处理的示例图;FIG5b is an example diagram of another parallel processing provided by an embodiment of the present application;

图6为本申请实施例提供的一种数据处理装置的模块化结构示意图;FIG6 is a schematic diagram of a modular structure of a data processing device provided in an embodiment of the present application;

图7为本申请实施例提供的另一种数据处理装置的结构示意图。FIG. 7 is a schematic diagram of the structure of another data processing device provided in an embodiment of the present application.

具体实施方式DETAILED DESCRIPTION

为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述,显然,所描述的实施例仅仅是本申请的一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本申请保护的范围。本申请技术方案中对数据的获取、存储、使用、处理等均符合国家法律法规的相关规定。In order to make the purpose, technical solutions and advantages of this application clearer, this application will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only part of the embodiments of this application, rather than all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by ordinary technicians in this field without making creative work are within the scope of protection of this application. The acquisition, storage, use, and processing of data in the technical solution of this application are in compliance with the relevant provisions of national laws and regulations.

下面对本申请设计的一些符号进行解释:The following are some explanations of the symbols designed in this application:

(1)“||”表示字符拼接。例如,“A||B”表示将“A”和“B”进行拼接;假设A=“123”,B=“456”,则A||B=“123456”。(1) “||” indicates character concatenation. For example, “A||B” means concatenating “A” and “B”; assuming A = “123” and B = “456”, then A||B = “123456”.

(2)表示对C进行向上取整。例如,表示8;表示3。(2) Indicates that C is rounded up. For example, Indicates 8; Means 3.

(3)表示对D进行向下取整。例如,表示7;表示2。(3) Indicates that D is rounded down. For example, Indicates 7; Means 2.

本申请实施例中,对于名词的数目,除非特别说明,表示“单数名词或复数名词”,即“一个或多个”。“至少一个”是指一个或者多个,“多个”是指两个或两个以上。“和/或”,描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B的情况,其中A,B可以是单数或者复数。字符“/”一般表示前后关联对象是一种“或”的关系。例如,A/B,表示:A或B。“以下至少一项(个)”或其类似表达,是指的这些项中的任意组合,包括单项(个)或复数项(个)的任意组合。例如,a,b,或c中的至少一项(个),表示:a,b,c,a和b,a和c,b和c,或a和b和c,其中a,b,c可以是单个,也可以是多个。In the embodiments of the present application, the number of nouns, unless otherwise specified, means "singular noun or plural noun", that is, "one or more". "At least one" means one or more, and "plural" means two or more. "And/or" describes the association relationship of associated objects, indicating that three relationships may exist. For example, A and/or B can mean: A exists alone, A and B exist at the same time, and B exists alone, where A and B can be singular or plural. The character "/" generally indicates that the previous and next associated objects are in an "or" relationship. For example, A/B means: A or B. "At least one of the following" or similar expressions refers to any combination of these items, including any combination of single or plural items. For example, at least one of a, b, or c means: a, b, c, a and b, a and c, b and c, or a and b and c, where a, b, c can be single or multiple.

本申请实施例提及“第一”、“第二”等序数词是用于对多个对象进行区分,不用于限定多个对象的大小、内容、顺序、时序、应用场景、优先级或者重要程度等。例如,第一小区和第二小区,可以是同样的小区,也可以是不同的小区,且,这种名称也并不是表示这两个小区的优先级、应用场景或者重要程度等的不同。The ordinal numbers such as "first" and "second" mentioned in the embodiments of the present application are used to distinguish multiple objects, and are not used to limit the size, content, order, timing, application scenario, priority or importance of the multiple objects. For example, the first cell and the second cell can be the same cell or different cells, and such names do not indicate the difference in priority, application scenario or importance of the two cells.

本申请实施例中,“当……时”、“在……情况下”、“若……,则”可表示相同的含义,彼此之前可以相互替换。In the embodiments of the present application, "when...", "under the circumstances...", and "if...", "then" may represent the same meaning and may be replaced with each other.

本申请实施例提供一种可能的数据处理架构,该数据处理架构包括KDF计算设备(或称计算设备)、加密设备和解密设备。其中,加密设备和解密设备在一些场景下可以是同一个设备。应理解,在一个数据处理架构中,计算设备、加密设备和解密设备的可以集成在同一个设备中,本申请中不做限定。The embodiment of the present application provides a possible data processing architecture, which includes a KDF computing device (or computing device), an encryption device, and a decryption device. Among them, the encryption device and the decryption device can be the same device in some scenarios. It should be understood that in a data processing architecture, the computing device, the encryption device, and the decryption device can be integrated into the same device, which is not limited in this application.

为了提高KDF算法的运算效率,从而提高数据处理效率,本申请实施例提供一种数据处理方法,应用于第一设备。本申请中的数据处理方法可以应用在前述数据处理架构中,其中,第一设备可以是前述数据处理架构中的计算设备。In order to improve the operational efficiency of the KDF algorithm and thus improve the data processing efficiency, the embodiment of the present application provides a data processing method, which is applied to a first device. The data processing method in the present application can be applied in the aforementioned data processing architecture, wherein the first device can be a computing device in the aforementioned data processing architecture.

结合前述数据处理架构,以SM2加密算法为例,本申请实施例提供一种数据处理的方法,应用于加密设备,该方法用于对待加密的明文数据进行加密处理。如图1所示,该方法具体包括以下步骤:In combination with the aforementioned data processing architecture, taking the SM2 encryption algorithm as an example, the present application embodiment provides a data processing method, which is applied to an encryption device, and the method is used to encrypt plaintext data to be encrypted. As shown in FIG1 , the method specifically includes the following steps:

步骤A1:加密设备通过随机数发生器产生随机数k,k为1至n-1之间的整数,其中n为基点G的阶。n的取值可以参考GB/T 32918.5-2017《信息安全技术SM2椭圆曲线公钥密码算法第5部分:参数定义》,本申请不做赘述。Step A1: The encryption device generates a random number k through a random number generator, where k is an integer between 1 and n-1, and n is the order of the base point G. The value of n can refer to GB/T 32918.5-2017 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 5: Parameter Definition", which is not elaborated in this application.

步骤A2:加密设备计算椭圆曲线点C1的坐标:C1=[k]G=(x1,y1)。加密设备还可以参考GB/T 32918.1-2016《信息安全技术SM2椭圆曲线公钥密码算法第1部分:总则》中4.2.9和4.2.5给出的方法,从而将C1的数据类型转换为比特串。Step A2: The encryption device calculates the coordinates of the elliptic curve point C 1 : C 1 = [k] G = (x 1 , y 1 ). The encryption device can also refer to the methods given in 4.2.9 and 4.2.5 of GB/T 32918.1-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 1: General Principles" to convert the data type of C 1 into a bit string.

步骤A3:假设解密设备(或称:接收方、解密方)对应的用户为用户B,用户B的公钥为PB,加密设备根据前述用户B的公钥计算椭圆曲线点S的值:S=[h]PB,若S是无穷远点则报错并退出;反之,则继续执行步骤A4;其中h为余因子。h的取值可以参考GB/T 32918.5-2017《信息安全技术SM2椭圆曲线公钥密码算法第5部分:参数定义》,本申请不做赘述。Step A3: Assume that the user corresponding to the decryption device (or receiver, decryptor) is user B, and the public key of user B is PB . The encryption device calculates the value of the elliptic curve point S according to the public key of user B: S = [h] PB . If S is a point at infinity, an error is reported and the system exits; otherwise, step A4 is continued; where h is the cofactor. The value of h can refer to GB/T 32918.5-2017 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 5: Parameter Definition", which is not described in detail in this application.

步骤A4:加密设备计算椭圆曲线点[k]PB的值:[k]PB=(x2,y2)。加密设备还可以参考GB/T 32918.1-2016《信息安全技术SM2椭圆曲线公钥密码算法第1部分:总则》中4.2.6和4.2.5给出的方法,将坐标x2、y2的数据类型转换为比特串。Step A4: The encryption device calculates the value of the elliptic curve point [k] PB : [k] PB = ( x2 , y2 ). The encryption device can also refer to the methods given in 4.2.6 and 4.2.5 of GB/T 32918.1-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 1: General Principles" to convert the data types of the coordinates x2 and y2 into bit strings.

步骤A5:加密设备调用计算设备,计算密钥流t的值:t=KDF(x2||y2,klen);其中,klen表示待加密的明文数据的比特长度。若t为全0比特串,则加密设备返回步骤A1;反之,则加密设备继续执行步骤A6。其中KDF函数为密钥派生函数,该KDF函数的计算过程可以参考GB/T 32918.4-2016《信息安全技术SM2椭圆曲线公钥密码算法第4部分:公钥加密算法》5.4.3节中给出的方法。Step A5: The encryption device calls the computing device to calculate the value of the key stream t: t = KDF (x 2 || y 2 , klen); wherein klen represents the bit length of the plaintext data to be encrypted. If t is a string of all 0 bits, the encryption device returns to step A1; otherwise, the encryption device continues to execute step A6. The KDF function is a key derivation function, and the calculation process of the KDF function can refer to the method given in Section 5.4.3 of GB/T 32918.4-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 4: Public Key Cryptography Algorithm".

其中,计算设备的处理动作在后文中具体展开,此处不重复赘述。The processing actions of the computing device will be described in detail later in the text and will not be repeated here.

步骤A6:加密设备根据待加密的明文数据M,计算比特串C2:C2=M⊕t。Step A6: The encryption device calculates the bit string C 2 according to the plaintext data M to be encrypted: C 2 =M⊕t.

步骤A7:加密设备计算比特串C3:C3=SM3(x2||M||y2)。Step A7: The encryption device calculates the bit string C 3 : C 3 =SM3(x 2 ||M||y 2 ).

步骤A8:加密设备确认并输出密文C:C=C1||C3||C2。其中,密文C为前述明文数据M对应的密文。Step A8: The encryption device confirms and outputs the ciphertext C: C=C 1 || C 3 || C 2 , where the ciphertext C is the ciphertext corresponding to the plaintext data M mentioned above.

结合前述数据处理架构,以SM2解密算法为例,本申请实施例提供一种数据处理的方法,应用于解密设备,该方法用于对待解密的密文数据进行解密处理。如图2所示,该方法具体包括以下步骤:In combination with the aforementioned data processing architecture, taking the SM2 decryption algorithm as an example, the present application embodiment provides a data processing method, which is applied to a decryption device, and the method is used to decrypt the ciphertext data to be decrypted. As shown in FIG2 , the method specifically includes the following steps:

步骤B1:解密设备根据密文C确定比特串C1。参考GB/T 32918.1-2016《信息安全技术SM2椭圆曲线公钥密码算法第1部分:总则》中4.2.4和4.2.10给出的方法,解密设备将C1的数据类型转换为椭圆曲线上的坐标点。解密设备验证C1是否满足椭圆曲线方程;若不满足,则解密设备报错并退出;反之,则解密设备继续执行步骤B2。Step B1: The decryption device determines the bit string C 1 according to the ciphertext C. Referring to the methods given in 4.2.4 and 4.2.10 of GB/T 32918.1-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 1: General Principles", the decryption device converts the data type of C 1 into the coordinate point on the elliptic curve. The decryption device verifies whether C 1 satisfies the elliptic curve equation; if not, the decryption device reports an error and exits; otherwise, the decryption device continues to execute step B2.

步骤B2:解密设备计算椭圆曲线点S的值:S=[h]C1,若S是无穷远点,则解密设备报错并退出;反之,则解密设备继续执行步骤B3。Step B2: The decryption device calculates the value of the elliptic curve point S: S = [h] C 1 . If S is a point at infinity, the decryption device reports an error and exits; otherwise, the decryption device continues to execute step B3.

步骤B3:假设解密设备对应的用户为用户B,用户B的私钥为dB,解密设备计算[dB]C1的值:[dB]C1=(x2,y2)。解密设备还可以参考GB/T32918.1-2016《信息安全技术SM2椭圆曲线公钥密码算法第1部分:总则》中4.2.6和4.2.5给出的方法,将坐标x2、y2的数据类型转换为比特串。Step B3: Assuming that the user corresponding to the decryption device is user B, and the private key of user B is d B , the decryption device calculates the value of [d B ]C1: [d B ]C1=(x 2 , y 2 ). The decryption device can also refer to the methods given in 4.2.6 and 4.2.5 of GB/T32918.1-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 1: General Principles" to convert the data types of coordinates x 2 and y 2 into bit strings.

其中,用户B的公钥PB和私钥dB相对应。Among them, user B's public key PB corresponds to the private key dB .

步骤B4:解密设备调用计算设备,计算密钥流t的值:t=KDF(x2||y2,klen)。若t为全0比特串,则解密设备报错并退出;反之,则解密设备继续执行步骤B5。Step B4: The decryption device calls the calculation device to calculate the value of the key stream t: t = KDF ( x2 || y2 , klen). If t is an all-0 bit string, the decryption device reports an error and exits; otherwise, the decryption device continues to execute step B5.

其中,计算设备的处理动作在后文中具体展开,此处不重复赘述。The processing actions of the computing device will be described in detail later in the text and will not be repeated here.

步骤B5:解密设备根据密文C确定比特串C2。解密设备计算解密后的明文数据M':M'=C2⊕t。Step B5: The decryption device determines the bit string C 2 according to the ciphertext C. The decryption device calculates the decrypted plaintext data M': M'=C 2 ⊕t.

步骤B6:解密设备计算u的值:u=SM3(x2||M'||y2)。解密设备还可以根据密文C确定比特串C3。解密设备验证u的值和C3的值是否相同;若u≠C3,则解密设备报错并退出;反之,则解密设备继续执行步骤B7。Step B6: The decryption device calculates the value of u: u=SM3(x 2 || M'|| y 2 ). The decryption device can also determine the bit string C 3 based on the ciphertext C. The decryption device verifies whether the value of u is the same as the value of C 3 ; if u≠C 3 , the decryption device reports an error and exits; otherwise, the decryption device continues to execute step B7.

步骤B7:解密设备输出解密后的明文数据M'。Step B7: The decryption device outputs the decrypted plaintext data M'.

结合前述数据处理架构,本申请实施例提供一种数据处理的方法,用于执行加密运算或者解密运算过程中的KDF算法,从而提高加密运算或解密运算的计算速率。In combination with the aforementioned data processing architecture, an embodiment of the present application provides a data processing method for executing a KDF algorithm in an encryption operation or a decryption operation, thereby improving the calculation rate of the encryption operation or the decryption operation.

下面结合附图,对本申请实施例提供的数据处理方法进行说明。图3为本申请实施例提供的一种数据处理的方法,应用于第一设备(例如计算设备),该方法可包括以下步骤:The data processing method provided by the embodiment of the present application is described below in conjunction with the accompanying drawings. FIG3 is a data processing method provided by the embodiment of the present application, which is applied to a first device (such as a computing device). The method may include the following steps:

S301:第一设备获取椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值;第一设备包括p个处理模块;p大于或等于2且p为正整数。S301: The first device obtains the horizontal coordinate value and the vertical coordinate value of any coordinate point on the elliptic curve; the first device includes p processing modules; p is greater than or equal to 2 and p is a positive integer.

值得一提的是,在实际应用过程中,当p=1时,本方案仍可以执行,即当第一设备仅包括一个处理模块时,可以通过循环执行本方法中的步骤,来实现数据处理。It is worth mentioning that, in actual application, when p=1, this solution can still be executed, that is, when the first device includes only one processing module, data processing can be achieved by cyclically executing the steps in this method.

可选的,横坐标值和纵坐标值拼接后的比特消息块Z的长度为512比特。Optionally, the length of the bit message block Z obtained by concatenating the horizontal axis value and the vertical axis value is 512 bits.

例如,前述步骤A5和步骤B4中的x2为横坐标值,前述步骤A5和步骤B4中的y2为纵坐标值。比特数据串x2||y2的长度为512比特。For example, x 2 in the aforementioned step A5 and step B4 is the horizontal coordinate value, and y 2 in the aforementioned step A5 and step B4 is the vertical coordinate value. The length of the bit data string x 2 || y 2 is 512 bits.

S302:第一设备根据横坐标值和纵坐标值确定通用迭代值,并将通用迭代值输入p个处理模块中。S302: The first device determines a common iteration value according to the abscissa value and the ordinate value, and inputs the common iteration value into p processing modules.

可选的,假设通用迭代值用表示V(1);第一设备可以根据第一预设值V(0)、横坐标值和纵坐标值,确定通用迭代值V(1)Optionally, assuming that the universal iteration value is represented by V (1) ; the first device may determine the universal iteration value V (1) according to the first preset value V (0) , the abscissa value and the ordinate value.

例如,第一设备将512比特的比特消息块Z进行扩展,得到68个32比特字,扩展后的比特字集合记为E(Z)=(W0,W1,…,W67),见GB/T32905-2016的5.3.2节;第一设备获取第一预设值V(0),V(0)为GB/T32905-2016的4.1节定义的256比特的初始值“7380166F4914B2B9172442D7DA8A0600A96F30BC163138AAE38DEE4DB0FB0E4E”(十六进制表示);第一设备执行64轮迭代压缩得到通用迭代值,记为V(1)=F(V(0),(W0,W1,…,W67)),见GB/T32905-2016的5.3.3节;即V(1)=F(V(0),E(Z))=CF(V(0),Z)。其中,CF函数为GB/T 32905-2016《信息安全技术SM3密码杂凑算法》5.3.1节描述的压缩函数,V(1)为CF函数的输出值。For example, the first device expands the 512-bit bit message block Z to obtain 68 32-bit words, and the expanded bit word set is recorded as E(Z)=( W0 , W1 , ..., W67 ), see Section 5.3.2 of GB/T32905-2016; the first device obtains a first preset value V (0) , where V (0) is the 256-bit initial value "7380166F4914B2B9172442D7DA8A0600A96F30BC163138AAE38DEE4DB0FB0E4E" (in hexadecimal) defined in Section 4.1 of GB/T32905-2016; the first device performs 64 rounds of iterative compression to obtain a universal iterative value, recorded as V (1) =F(V (0) , ( W0 , W1 , ..., W67) )), see Section 5.3.3 of GB/T32905-2016; that is, V (1) = F (V (0) , E (Z)) = CF (V (0) , Z). Among them, the CF function is the compression function described in Section 5.3.1 of GB/T 32905-2016 "Information Security Technology SM3 Cryptographic Hash Algorithm", and V (1) is the output value of the CF function.

S303:第一设备生成参数集,并将参数集中包含的p个第一参数输入p个处理模块中。S303: The first device generates a parameter set, and inputs p first parameters included in the parameter set into p processing modules.

可选的,第一设备调用计数器,由计数器生成m个正整数(1至m);第一设备分别将m个正整数中的每一个正整数与第二预设值pad进行拼接,确定m个参数,从而生成参数集。其中,pad=0x80||0x00||blen。Optionally, the first device calls a counter, and the counter generates m positive integers (1 to m); the first device concatenates each of the m positive integers with the second preset value pad, determines m parameters, and thus generates a parameter set. Wherein, pad = 0x80||0x00||blen.

可选的,假设SM3杂凑算法输出比特长度值用hlen表示,第一设备可以根据预设密钥长度klen和hlen确定m的取值,例如, Optionally, assuming that the bit length value output by the SM3 hash algorithm is represented by hlen, the first device may determine the value of m according to the preset key lengths klen and hlen, for example,

其中,第一设备可以参考GB/T 32918.4-2016《信息安全技术SM2椭圆曲线公钥密码算法第4部分:公钥加密算法》的5.4.3节中对SM3杂凑算法输出的比特长度来确定hlen,例如hlen为512。Among them, the first device can determine hlen by referring to the bit length of the SM3 hash algorithm output in Section 5.4.3 of GB/T 32918.4-2016 "Information Security Technology SM2 Elliptic Curve Public Key Cryptography Algorithm Part 4: Public Key Encryption Algorithm", for example, hlen is 512.

例如,第一设备取m个64字节的参数(字节串):Yi=cti||0x80||0x00(51)||blen,i=1,2,…,m;其中,64字节的字节串Y1For example, the first device takes m 64-byte parameters (byte strings): Yi = ct i || 0x80 || 0x00 (51) || blen, i = 1, 2, ..., m; wherein the 64-byte byte string Y1 =

00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00

00 00 00 00 00 00 00 80 00 00 00 00 00 00 02 20。00 00 00 00 00 00 00 80 00 00 00 00 00 00 02 20.

第一设备基于前述确定的m个参数生成参数集。其中,cti表示将i大端表示为4字节的字节串,例如,i为1时,字节串cti的十六进制表示为“00000001”;0x80表示1个字节的特定值;0x00(51)表示51个字节全为0x00的字节串。blen表示8个字节的特定值字节串,其十六进制表示为“0000000000000220”。The first device generates a parameter set based on the m parameters determined above. Wherein, ct i represents a byte string representing the big end of i as 4 bytes. For example, when i is 1, the hexadecimal representation of the byte string ct i is "00000001"; 0x80 represents a specific value of 1 byte; 0x00 (51) represents a byte string of 51 bytes all of which are 0x00. blen represents a byte string of a specific value of 8 bytes, and its hexadecimal representation is "0000000000000220".

进一步的,第一设备将参数集中包含的p个第一参数输入p个处理模块中,即存储(Y1,Y2,…,Yp),以便进行下一轮计算时节省一部分计算资源。Furthermore, the first device inputs the p first parameters included in the parameter set into p processing modules, ie, stores (Y 1 , Y 2 , . . . , Y p ), so as to save some computing resources in the next round of computing.

S304:第一设备调用p个处理模块,并在每个处理模块中执行以下步骤:对输入的第一参数和通用迭代值进行运算,输出第一子结果;其中,p个处理模块并行进行运算且每个处理模块执行的运算不同。S304: The first device calls p processing modules, and executes the following steps in each processing module: operates on the input first parameter and the common iteration value, and outputs a first sub-result; wherein the p processing modules operate in parallel and each processing module performs different operations.

其中,p也称为并行指数,第一设备可以同时并行执行运算(例如CF函数)的最大次数为p。Here, p is also called a parallel index, and the maximum number of times the first device can execute operations (eg, CF functions) in parallel is p.

S305:第一设备根据p个第一子结果确定椭圆曲线对应的密钥结果。S305: The first device determines the key result corresponding to the elliptic curve according to the p first sub-results.

应理解,当p大于或等于m时,在一轮并行处理中即可完成参数集中m个参数对应的运算,即p个第一子结果包括m个参数分别对应的第一子结果。It should be understood that when p is greater than or equal to m, operations corresponding to the m parameters in the parameter set can be completed in one round of parallel processing, that is, the p first sub-results include the first sub-results corresponding to the m parameters respectively.

可选的,步骤S305中第一设备获取密钥结果的过程可以包括:第一设备获取预设密钥长度;第一设备将p个第一子结果进行拼接,得到临时密钥;第一设备根据预设密钥长度,截取临时密钥最左侧的部分比特值,得到密钥结果;密钥结果的长度为预设密钥长度。其中,预设密钥长度用klen表示,例如,该值小于(232-1)hlen(其中hlen=256比特表示SM3的杂凑值长度)。Optionally, the process of the first device obtaining the key result in step S305 may include: the first device obtains a preset key length; the first device concatenates p first sub-results to obtain a temporary key; the first device intercepts the leftmost bit value of the temporary key according to the preset key length to obtain the key result; the length of the key result is the preset key length. The preset key length is represented by klen, for example, the value is less than (2 32 -1)hlen (where hlen=256 bits represents the hash value length of SM3).

例如,第一设备将m个第一子结果V(2) 1、V(2) 2、……、V(2) m拼接在一起,得到临时密钥:K'=V(2) 1||V(2) 2||…||V(2) m;第一设备截取K'的最左边klen比特作为密钥结果K,即K=MSBklen(K')。第一设备还可以输出前述密钥结果K。其中,最高有效位(most significantbit,MSB)函数表示取二进制中代表最高值的比特位。For example, the first device concatenates m first sub-results V (2) 1 , V (2) 2 , ..., V (2) m together to obtain a temporary key: K'=V (2) 1 ||V (2) 2 || ... ||V (2) m ; the first device intercepts the leftmost klen bits of K' as the key result K, that is, K=MSB klen (K'). The first device can also output the aforementioned key result K. The most significant bit (MSB) function represents taking the bit representing the highest value in binary.

在一种可能的设计中,当p小于m时,第一设备可以重复执行步骤S303和步骤S304中的动作,从而通过多轮(轮)重复获得m个第一子结果;进一步的,在执行步骤S305时,第一设备可以根据m个第一子结果确定椭圆曲线对应的密钥结果。In a possible design, when p is less than m, the first device may repeatedly perform the actions in step S303 and step S304, thereby performing multiple rounds ( round) to obtain m first sub-results; further, when executing step S305, the first device can determine the key result corresponding to the elliptic curve according to the m first sub-results.

可选的,当p不被m整除时,在最后一轮并行运算的过程中,假设待处理的第一参数的数量不足p个,则第一设备将不足的消息块补0处理。例如,多轮并行运算表示为:(V(2) 1+j,V(2) 2+j,…,V(2) p+j)=CF(p)(V(1),(Y1+j,Y2+j,…,Yp+j)),其中如果j+p>m,则取Y j+p=0。Optionally, when p is not divisible by m, in the last round of parallel operation, assuming that the number of first parameters to be processed is less than p, the first device pads the insufficient message blocks with 0. For example, multiple rounds of parallel operation are expressed as: (V (2) 1+j , V (2) 2+j , …, V (2) p+j )=CF (p) (V (1) , (Y 1+j , Y 2+j , …, Y p+j )), where if j+p>m, Y j+p =0.

可选的,当p不被m整除时,在最后一轮并行运算的过程中,假设待处理的第一参数的数量不足p个,则第一设备对待处理的第一参数按照传统方式逐一计算,即不执行并行处理。例如,取 依次执行普通无并行的CF压缩函数:V(2) j+1=CF(V(1),Yj)。Optionally, when p is not divisible by m, in the last round of parallel computing, assuming that the number of first parameters to be processed is less than p, the first device calculates the first parameters to be processed one by one in a traditional manner, that is, parallel processing is not performed. The ordinary non-parallel CF compression function is executed sequentially: V (2) j+1 =CF(V (1) , Y j ).

在另一种可能的设计中,当p不被m整除时,在重复执行轮步骤S303和步骤S304之后,第一设备获取到个第一子结果。此时,参数集还包括q个第二参数,q小于p且q为正整数;则步骤S305包括以下步骤:In another possible design, when p is not divisible by m, After step S303 and step S304, the first device obtains The parameter set also includes q second parameters. q is less than p and q is a positive integer; then step S305 includes the following steps:

步骤1:第一设备将q个第二参数输入q个处理模块中。Step 1: The first device inputs q second parameters into q processing modules.

步骤2:第一设备调用q个处理模块,并在每个处理模块中执行以下步骤:对输入的第二参数和通用迭代值进行运算,输出第二子结果;其中,q个处理模块并行进行运算且每个处理模块执行的运算不同。Step 2: The first device calls q processing modules, and executes the following steps in each processing module: operates on the input second parameter and the common iteration value, and outputs a second sub-result; wherein the q processing modules operate in parallel and each processing module performs different operations.

步骤3:第一设备根据个第一子结果和q个处理模块输出的q个第二子结果,确定密钥结果。Step 3: First device based The key result is determined based on the q first sub-results and the q second sub-results output by the q processing modules.

可选的,步骤3中第一设备确定密钥结果的过程可以包括:第一设备获取预设密钥长度;第一设备将个第一子结果和q个第二子结果进行拼接,得到临时密钥;第一设备根据预设密钥长度,截取临时密钥最左侧的部分比特值,得到密钥结果;密钥结果的长度为预设密钥长度。Optionally, the process of the first device determining the key result in step 3 may include: the first device obtains a preset key length; the first device The first sub-results and q second sub-results are concatenated to obtain a temporary key; the first device intercepts the leftmost bit value of the temporary key according to the preset key length to obtain a key result; the length of the key result is the preset key length.

可选的,在执行步骤S305之后,第一设备还可以根据该密钥结果对第一明文数据进行加密得到第一密文数据。例如,第一设备可以作为加密设备执行前述步骤A8中确认并输出密文C的过程。Optionally, after executing step S305, the first device may also encrypt the first plaintext data according to the key result to obtain the first ciphertext data. For example, the first device may serve as an encryption device to execute the process of confirming and outputting the ciphertext C in the aforementioned step A8.

可选的,在执行步骤S305之后,第一设备还可以根据所述密钥结果对第二密文数据进行解密得到第二明文数据。例如,第一设备可以作为解密设备执行前述步骤B7中输出解密后的明文数据的过程。Optionally, after executing step S305, the first device may also decrypt the second ciphertext data according to the key result to obtain the second plaintext data. For example, the first device may serve as a decryption device to execute the process of outputting the decrypted plaintext data in the aforementioned step B7.

在传统SM2算法的加解密计算过程中,前述步骤A5和步骤B4中的计算即为KDF算法的运算,需要在加密设备(或解密设备)中按顺序循环执行,即执行m次计算。该方法具体包括以下步骤:In the encryption and decryption calculation process of the traditional SM2 algorithm, the calculations in the aforementioned steps A5 and B4 are the operations of the KDF algorithm, which need to be executed in sequence in a loop in the encryption device (or decryption device), that is, m calculations are performed. The method specifically includes the following steps:

步骤C1:加密设备(或解密设备)初始化32比特计数器ct=0x00000001;Step C1: The encryption device (or decryption device) initializes the 32-bit counter ct=0x00000001;

C2:对i从1到执行:C2: for i from 1 to implement:

C2-1:计算Hi=SM3(Z||ct);C2-1: Calculate Hi = SM3(Z||ct);

C2-2:将32比特计数器ct累加1,即ct=ct+1;C2-2: add 1 to the 32-bit counter ct, that is, ct = ct + 1;

C3:将m个杂凑串拼接为K'=H1||H2||…||HmC3: concatenate m hash strings into K'=H 1 || H 2 || ... || H m ;

C4:截取K'的最左边klen比特作为K输出,即输出K=MSBklen(K')。C4: intercept the leftmost klen bits of K' as K output, that is, output K = MSB klen (K').

图4a为本申请实施例提供的一种SM2数据处理流程示例图。其中,第一设备对待处理的第一参数按照逐一计算,即不执行并行处理。应理解,该数据处理流程可以理解为p=1时的数据处理流程,也就是SM2加解密算法的传统处理方式。前述数据处理流程包括如下步骤:FIG4a is an example diagram of an SM2 data processing flow provided by an embodiment of the present application. In which, the first device calculates the first parameter to be processed one by one, that is, does not perform parallel processing. It should be understood that the data processing flow can be understood as the data processing flow when p=1, that is, the traditional processing method of the SM2 encryption and decryption algorithm. The aforementioned data processing flow includes the following steps:

步骤4a-1:获取参数1(即比特消息块Z)和参数2(即参数集中的任一个参数),其中,参数1为前述步骤S301中的椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值;参数2为前述步骤S303中的参数集中的第一参数。Step 4a-1: Obtain parameter 1 (i.e., bit message block Z) and parameter 2 (i.e., any parameter in the parameter set), wherein parameter 1 is the horizontal coordinate value and the vertical coordinate value of any coordinate point on the elliptic curve in the aforementioned step S301; parameter 2 is the first parameter in the parameter set in the aforementioned step S303.

步骤4a-2:根据参数1执行运算A1和运算A2,获得迭代值。Step 4a-2: Execute operations A1 and A2 according to parameter 1 to obtain an iterative value.

步骤4a-3:根据参数2和前述迭代值执行运算B1和运算B2,获得子密钥。Step 4a-3: Perform operations B1 and B2 according to parameter 2 and the aforementioned iteration value to obtain the subkey.

步骤4a-4:在重复执行多轮前述步骤4a-1至步骤4a-3之后,根据多个子密钥确定密钥结果K。Step 4a-4: After repeatedly executing multiple rounds of the aforementioned steps 4a-1 to 4a-3, a key result K is determined based on multiple subkeys.

显然,传统SM2算法的加解密计算过程中,需要循环多轮步骤C1至步骤C2-2(或者步骤4a-1至步骤4a-3),且步骤C2-1(或步骤4a-2)需要无差别的重复执行多次,造成计算资源的浪费,增加了计算的时间成本。Obviously, in the encryption and decryption calculation process of the traditional SM2 algorithm, multiple rounds of steps C1 to C2-2 (or steps 4a-1 to 4a-3) need to be repeated, and step C2-1 (or step 4a-2) needs to be repeated multiple times without distinction, resulting in a waste of computing resources and increasing the time cost of the calculation.

图4b为本申请实施例提供的一种SM2数据处理流程示例图。如图4b所示,结合前述步骤S301至步骤S305所示的方法和设计,数据处理方法的流程可以包括如下步骤:FIG4b is an example diagram of an SM2 data processing flow provided by an embodiment of the present application. As shown in FIG4b, in combination with the method and design shown in the aforementioned steps S301 to S305, the flow of the data processing method may include the following steps:

步骤4b-1:针对i(1至m),分别取64字节的字节串Yi。Step 4b-1: For i (1 to m), take a 64-byte byte string Yi respectively.

步骤4b-2:计算通用迭代值v(1)=F(v(0),E(Z))=CF(v(0),Z);该步骤4b-2可以参考前述步骤S302,此处不再详述。Step 4b-2: Calculate the universal iteration value v (1) =F(v (0) , E(Z))=CF(v (0) , Z); Step 4b-2 may refer to the aforementioned step S302 and will not be described in detail here.

步骤4b-3:针对j(0,p,2p,…),分别执行p个处理模块并行的函数计算;该步骤4b-3可以参考前述步骤S303至步骤S304,此处不再详述;应理解,将m个数据分为组,并对前组数据执行前述步骤4b-3。Step 4b-3: for j(0, p, 2p, ...), respectively perform the function calculation of p processing modules in parallel; this step 4b-3 can refer to the aforementioned steps S303 to S304, which will not be described in detail here; it should be understood that the m data are divided into group, and to the front The group data executes the aforementioned step 4b-3.

步骤4b-4:当p不被m整除时,对组中的最后一组(例如m’个)待处理数据进行函数计算;例如,并行执行m’个函数计算;又如,逐一进行函数计算。Step 4b-4: When p is not divisible by m, The last group (eg, m') of data to be processed in the group is subjected to function calculation; for example, m' function calculations are performed in parallel; or for another example, function calculations are performed one by one.

步骤4b-5:将前述通过函数计算获取的结果拼接在一起,得到临时密钥K'。Step 4b-5: concatenate the above results obtained by function calculation to obtain a temporary key K'.

步骤4b-6:截取K'的最左边klen比特作为密钥结果K;该步骤4b-5和步骤4b-6可以参考前述步骤S305,此处不再详述。Step 4b-6: intercept the leftmost klen bits of K' as the key result K; Step 4b-5 and Step 4b-6 can refer to the aforementioned step S305 and will not be described in detail here.

图4c为本申请实施例提供的一种SM2数据处理流程示例图。如图4c所示,结合前述步骤S301至步骤S305所示的方法和设计,数据处理方法的流程可以包括如下步骤:FIG4c is an example diagram of an SM2 data processing flow provided in an embodiment of the present application. As shown in FIG4c, in combination with the method and design shown in the aforementioned steps S301 to S305, the flow of the data processing method may include the following steps:

步骤4c-1:获取参数1(即比特消息块Z);参数1为前述步骤S301中的椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值。Step 4c-1: Obtain parameter 1 (ie, bit message block Z); parameter 1 is the horizontal coordinate value and the vertical coordinate value of any coordinate point on the elliptic curve in the aforementioned step S301.

步骤4c-2:在第一个SM3块处理模块中,根据参数1和第一预设值V(0),执行运算A1和运算A2,得到通用迭代值V(1)。该步骤4c-2可以参考前述步骤S302,此处不再详述。Step 4c-2: In the first SM3 block processing module, operations A1 and A2 are performed according to parameter 1 and the first preset value V (0) to obtain a universal iteration value V (1) . Step 4c-2 can refer to the aforementioned step S302 and will not be described in detail here.

步骤4c-3:获取参数2(即参数集);参数2为前述步骤S303中参数集中的任一个参数。Step 4c-3: Obtain parameter 2 (ie, parameter set); parameter 2 is any parameter in the parameter set in the aforementioned step S303.

步骤4c-4:针对参数集中的每个参数(i32,例如:132、232、332…m32),拼接第二预设值pad,并将拼接的结果(i32||pad)用于后续运算。该步骤4c-3和步骤4c-4可以参考前述步骤S303,此处不再详述。Step 4c-4: For each parameter in the parameter set (i 32 , for example: 1 32 , 2 32 , 3 32 . . . m 32 ), concatenate the second preset value pad, and use the concatenated result (i 32 || pad) for subsequent operations. Steps 4c-3 and 4c-4 may refer to the aforementioned step S303 and will not be described in detail here.

步骤4c-5:在后续其他SM3块处理模块中,执行运算B1和运算B2,获得运算结果(例如:V(2) 1,V(2) 2……V(2) m)。该步骤4c-5可以参考前述步骤S304,此处不再详述。Step 4c-5: In other subsequent SM3 processing modules, perform operations B1 and B2 to obtain operation results (eg, V (2) 1 , V (2) 2 . . . V (2) m ). Step 4c-5 may refer to the aforementioned step S304 and will not be described in detail here.

其中,在执行运算B1时,因64字节的字节串i32||pad是可以预知的数据,因此运算B1可预计算;也就是说,预先针对参数集中每一个参数进行运算B1,并存储其结果,该结果由68个4字节数据组成,因此存储一个运算B1的结果仅需要68*4=272字节。基于此,在执行运算B2时,将多个运算B2进行并行处理。When executing operation B1, since the 64-byte byte string i 32 || pad is predictable data, operation B1 can be pre-calculated; that is, operation B1 is performed in advance for each parameter in the parameter set, and its result is stored. The result consists of 68 4-byte data, so storing the result of one operation B1 only requires 68*4=272 bytes. Based on this, when executing operation B2, multiple operations B2 are processed in parallel.

步骤4c-6:将前述运算结果进行拼接获得临时密钥K’,并截取K'的最左边klen比特作为密钥结果K。该步骤4c-6可以参考前述步骤S305,此处不再详述。Step 4c-6: concatenate the above operation results to obtain a temporary key K', and intercept the leftmost klen bits of K' as the key result K. This step 4c-6 can refer to the above step S305 and will not be described in detail here.

图4d为本申请实施例提供的一种数据处理流程示例图。如图4d所示,结合前述步骤S301至步骤S305所示的方法和设计,数据处理方法的流程可以包括如下步骤:FIG4d is an example diagram of a data processing flow provided by an embodiment of the present application. As shown in FIG4d, in combination with the method and design shown in the aforementioned steps S301 to S305, the flow of the data processing method may include the following steps:

步骤4d-1:获取参数1(即比特消息块Z);参数1为前述步骤S301中的椭圆曲线上任一坐标点的横坐标值和坐标点的纵坐标值。Step 4d-1: Obtain parameter 1 (ie, bit message block Z); parameter 1 is the horizontal coordinate value and the vertical coordinate value of any coordinate point on the elliptic curve in the aforementioned step S301.

步骤4d-2:根据参数1和第一预设值V(0),执行运算A1和运算A2,得到通用迭代值V(1)。该步骤4d-2可以参考前述步骤S302,此处不再详述。Step 4d-2: According to parameter 1 and the first preset value V (0) , operations A1 and A2 are performed to obtain a universal iteration value V (1) . Step 4d-2 can refer to the aforementioned step S302 and will not be described in detail here.

步骤4d-3:获取参数2(即参数集);参数2为前述步骤S303中参数集中的任一个参数。Step 4d-3: Obtain parameter 2 (ie, parameter set); parameter 2 is any parameter in the parameter set in the aforementioned step S303.

步骤4d-4:将参数集中的每个参数(i32,例如:132、232、332…m32),拼接第二预设值pad,并将拼接的结果(i32||pad)输入多个用于执行运算B1的模块;根据运算A2的结果和多个运算B1的结果,执行多个运算B2。该步骤4c-4可以参考前述步骤S304,此处不再详述。Step 4d-4: splice each parameter (i 32 , for example: 1 32 , 2 32 , 3 32 ...m 32 ) in the parameter set with the second preset value pad, and input the spliced result (i 32 || pad) into multiple modules for performing operation B1; perform multiple operations B2 according to the result of operation A2 and the results of multiple operations B1. This step 4c-4 can refer to the aforementioned step S304 and will not be described in detail here.

应理解,图4d中仅示出一组并行的方案,在实际应用过程中,还可以包括其他多组并行,每组并行数小于或等于p。It should be understood that FIG. 4 d only shows one set of parallel solutions, and in actual application, other multiple sets of parallel solutions may be included, and the number of parallel solutions in each set is less than or equal to p.

步骤4d-5:根据前述多个运算B2的结果,确定椭圆曲线对应的密钥结果。该步骤4c-5可以参考前述步骤S305,此处不再详述。Step 4d-5: Determine the key result corresponding to the elliptic curve according to the results of the aforementioned multiple operations B2. Step 4c-5 can refer to the aforementioned step S305 and will not be described in detail here.

在一种可能的设计中,第一设备可以通过以下方式来满足并行处理的数据处理方法(即并行运算CF压缩函数):In a possible design, the first device may satisfy the data processing method of parallel processing (i.e., parallel operation of the CF compression function) in the following manner:

方式一:第一设备接收单指令多数据流SIMD指令;SIMD指令用于指示p个处理模块并行进行运算;Mode 1: The first device receives a single instruction multiple data (SIMD) instruction; the SIMD instruction is used to instruct p processing modules to perform operations in parallel;

方式二:第一设备将p个处理模块调度至p个并行执行的线程进行处理;Method 2: The first device schedules p processing modules to p parallel execution threads for processing;

方式三:第一设备通过图像处理器GPU进行p个处理模块的并行运算。Method three: The first device performs parallel calculations of p processing modules through a graphics processor GPU.

应理解,以上三个方式可以任选其一,也可以组合实现,本申请不做限定。It should be understood that the above three methods can be selected any one or combined, and this application does not limit them.

图5a为本申请实施例提供的一种并行处理(CF压缩函数)的示例图,记(V(i+1) 1,V(i +1) 2,…,V(i+1) p)=CF(p)(V(i),(Y1,Y2,…,Yp))为并行执行p个CF压缩函数,即V(i+1) j=CF(V(i),Yj),j=1,2,…,p。其中,(Y1,Y2,…,Yp)为p个比特消息块Z(512比特),(V(i+1) 1,V(i+1) 2,…,V(i +1) p)为p个计算结果,即p个第一子结果。Figure 5a is an example diagram of a parallel processing (CF compression function) provided by an embodiment of the present application, where (V (i+1) 1 , V (i +1) 2 , …, V (i+1) p ) = CF (p) (V (i) , ( Y1 , Y2 , …, Yp )) represents the parallel execution of p CF compression functions, that is, V (i+1) j = CF(V (i) , Yj ), j = 1, 2, …, p. Among them, ( Y1 , Y2 , …, Yp ) is a p-bit message block Z (512 bits), and (V (i+1) 1 , V (i+1) 2 , …, V (i +1) p ) is p calculation results, that is, p first sub-results.

如图5b所示,第一设备可以预先存储通用迭代值,即存储512比特的比特消息块Z进行扩展后的比特字集合:E(Z)=(W0,W1,…,W67);这样,在第一设备后续同时执行以下p个CF压缩函数:(V(2) 1+j,V(2) 2+j,…,V(2) p+j)=CF(p)(V(1),(Y1+j,Y2+j,…,Yp+j))的过程中,无需重新冗余的计算(Y1+j,Y2+j,…,Yp+j)的取值,能够节省计算资源。As shown in Figure 5b, the first device can pre-store a general iteration value, that is, store a set of bit words after the 512-bit bit message block Z is expanded: E(Z) = ( W0 , W1 , ..., W67 ); in this way, when the first device subsequently simultaneously executes the following p CF compression functions: (V (2) 1+j , V (2) 2+j , ..., V (2) p+j ) = CF (p) (V (1) , ( Y1+j , Y2 +j , ..., Yp +j )), there is no need to redundantly calculate the values of ( Y1+j , Y2 +j , ..., Yp +j ), which can save computing resources.

基于前述图3所示的数据处理方法,本申请提供以下实施例:假设第一设备(或称工作站)使用英特尔(Intel)支持AVX512指令集的处理器,选取AVX512指令并行实现的SM3的CF压缩函数,一个CPU核心可并行处理16个CF压缩函数,即p=16;以兆字节(MByte,MB)至吉字节(GigaByte,GB)级数据进行测试,采用图3所示的数据处理方式时的执行效率约为传统实现方式的10-16倍之间。显然,本申请所示的数据处理方法能够很大程度的提高KDF算法的运算效率,从而提高数据处理效率。Based on the data processing method shown in FIG3 , the present application provides the following embodiments: Assuming that the first device (or workstation) uses an Intel processor that supports the AVX512 instruction set, the SM3 CF compression function implemented in parallel by the AVX512 instruction is selected, and one CPU core can process 16 CF compression functions in parallel, that is, p=16; using megabyte (MB) to gigabyte (GB) level data for testing, the execution efficiency when using the data processing method shown in FIG3 is about 10-16 times that of the traditional implementation method. Obviously, the data processing method shown in the present application can greatly improve the computational efficiency of the KDF algorithm, thereby improving the data processing efficiency.

基于与上述数据处理方法的同一构思,本申请实施例还提供一种数据处理装置,用于实现上述由数据处理装置执行的方法。Based on the same concept as the above-mentioned data processing method, an embodiment of the present application also provides a data processing device for implementing the above-mentioned method performed by the data processing device.

图6所示为本申请实施例提供的一种数据处理装置的模块化结构示意图。其中,通信模块601可用于接收和发送数据,处理模块602可用于执行步骤S301至步骤S305所示的数据处理方法。具体执行的动作和功能这里不再具体展开,可参照前述方法实施例部分的说明。FIG6 is a schematic diagram of a modular structure of a data processing device provided in an embodiment of the present application. Among them, the communication module 601 can be used to receive and send data, and the processing module 602 can be used to execute the data processing method shown in steps S301 to S305. The specific actions and functions performed are not further elaborated here, and the description of the aforementioned method embodiment can be referred to.

图7示出了本申请实施例提供的一种数据处理装置的结构示意图。FIG. 7 shows a schematic diagram of the structure of a data processing device provided in an embodiment of the present application.

本申请实施例中的电子设备可包括处理器701。处理器701是该数据处理装置的控制中心,可以利用各种接口和线路连接该数据处理装置的各个部分,通过运行或执行存储在存储器702内的指令以及调用存储在存储器702内的数据。可选的,处理器701可包括一个或多个处理单元,处理器701可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统和应用程序等,调制解调处理器主要处理无线通信。可以理解的是,上述调制解调处理器也可以不集成到处理器701中。在一些实施例中,处理器701和存储器702可以在同一芯片上实现,在一些实施例中,它们也可以在独立的芯片上分别实现。The electronic device in the embodiment of the present application may include a processor 701. The processor 701 is the control center of the data processing device, and various interfaces and lines can be used to connect various parts of the data processing device, by running or executing instructions stored in the memory 702 and calling data stored in the memory 702. Optionally, the processor 701 may include one or more processing units, and the processor 701 may integrate an application processor and a modem processor, wherein the application processor mainly processes operating systems and application programs, etc., and the modem processor mainly processes wireless communications. It is understandable that the above-mentioned modem processor may not be integrated into the processor 701. In some embodiments, the processor 701 and the memory 702 may be implemented on the same chip, and in some embodiments, they may also be implemented separately on independent chips.

处理器701可以是通用处理器,例如中央处理器(CPU)、数字信号处理器、专用集成电路、现场可编程门阵列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件,可以实现或者执行本申请实施例中公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者任何常规的处理器等。结合本申请实施例所公开的第一设备或第二设备所执行的步骤可以直接由硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。Processor 701 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor, an application-specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and may implement or execute the methods, steps, and logic block diagrams disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor or any conventional processor, etc. The steps performed by the first device or the second device disclosed in the embodiments of the present application may be performed directly by a hardware processor, or by a combination of hardware and software modules in the processor.

在本申请实施例中,存储器702存储有可被至少一个处理器701执行的指令,至少一个处理器701通过执行存储器702存储的指令,可以用于执行前述由第一设备或第二设备执行的步骤。In an embodiment of the present application, the memory 702 stores instructions that can be executed by at least one processor 701, and the at least one processor 701 can be used to execute the aforementioned steps performed by the first device or the second device by executing the instructions stored in the memory 702.

存储器702作为一种非易失性计算机可读存储介质,可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块。存储器702可以包括至少一种类型的存储介质,例如可以包括闪存、硬盘、多媒体卡、卡型存储器、随机访问存储器(Random AccessMemory,RAM)、静态随机访问存储器(Static Random Access Memory,SRAM)、可编程只读存储器(Programmable Read Only Memory,PROM)、只读存储器(Read Only Memory,ROM)、带电可擦除可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、磁性存储器、磁盘、光盘等等。存储器702是能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。本申请实施例中的存储器702还可以是电路或者其它任意能够实现存储功能的装置,用于存储程序指令和/或数据。The memory 702 is a non-volatile computer-readable storage medium that can be used to store non-volatile software programs, non-volatile computer executable programs and modules. The memory 702 may include at least one type of storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory, a random access memory (Random Access Memory, RAM), a static random access memory (Static Random Access Memory, SRAM), a programmable read-only memory (Programmable Read Only Memory, PROM), a read-only memory (Read Only Memory, ROM), an electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), a magnetic memory, a disk, an optical disk, etc. The memory 702 is any other medium that can be used to carry or store a desired program code in the form of an instruction or data structure and can be accessed by a computer, but is not limited thereto. The memory 702 in the embodiment of the present application can also be a circuit or any other device that can realize a storage function, for storing program instructions and/or data.

本申请实施例中,该网络设备还可以包括通信接口703,数据处理装置可以通过该通信接口703传输数据。例如数据处理装置为服务器,通信接口703可用于获取用户配置的多个容器网络接口CNI插件的信息。In the embodiment of the present application, the network device may further include a communication interface 703, and the data processing device may transmit data through the communication interface 703. For example, if the data processing device is a server, the communication interface 703 may be used to obtain information of multiple container network interface CNI plug-ins configured by the user.

可选的,可由图7所示处理器701(或处理器701和存储器702)实现图6所示的处理模块602,和/或,由通信接口703实现图6所示的通信模块601。Optionally, the processing module 602 shown in FIG. 6 may be implemented by the processor 701 (or the processor 701 and the memory 702 ) shown in FIG. 7 , and/or the communication module 601 shown in FIG. 6 may be implemented by the communication interface 703 .

基于相同的发明构思,本申请实施例还提供一种计算机可读存储介质,其中可存储有指令,当该指令在计算机上运行时,使得计算机执行上述方法实施例提供的操作步骤。该计算机可读存储介质可以是图7所示的存储器702。Based on the same inventive concept, the embodiment of the present application further provides a computer-readable storage medium, which may store instructions, and when the instructions are executed on a computer, the computer executes the operation steps provided in the above method embodiment. The computer-readable storage medium may be the memory 702 shown in FIG. 7 .

本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that the embodiments of the present application may be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment in combination with software and hardware. Moreover, the present application may adopt the form of a computer program product implemented in one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) that contain computer-usable program code.

本申请是参照根据本申请的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to the flowchart and/or block diagram of the method, device (system), and computer program product according to the present application. It should be understood that each process and/or box in the flowchart and/or block diagram, as well as the combination of the process and/or box in the flowchart and/or block diagram, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a device for implementing the functions specified in one process or multiple processes in the flowchart and/or one box or multiple boxes in the block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce a manufactured product including an instruction device that implements the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions may also be loaded onto a computer or other programmable data processing device so that a series of operational steps are executed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.

显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的精神和范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the present application without departing from the spirit and scope of the present application. Thus, if these modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is also intended to include these modifications and variations.

Claims (12)

1. A method of data processing, the method comprising:
The method comprises the steps that first equipment obtains an abscissa value of any coordinate point on an elliptic curve and an ordinate value of the coordinate point; the first device comprises p processing modules; p is greater than or equal to 2 and p is a positive integer;
The first device determines a general iteration value according to the abscissa value and the ordinate value, and inputs the general iteration value into the p processing modules;
The first device generates a parameter set and inputs p first parameters contained in the parameter set into the p processing modules;
The first device invokes the p processing modules and performs the following steps in each of the processing modules: calculating the input first parameter and the general iteration value, and outputting a first sub-result; the p processing modules perform operation in parallel, and the operation executed by each processing module is different;
The first device determines a key result corresponding to the elliptic curve according to the p first sub-results;
encrypting the first plaintext data according to the key result to obtain first ciphertext data; or decrypting the second ciphertext data according to the key result to obtain second plaintext data.
2. The method of claim 1, wherein the set of parameters further comprises q second parameters, q is less than or equal to the p and q is a positive integer; the first device determines a key result corresponding to the elliptic curve according to the p first sub-results, including:
the first device inputs the q second parameters into q processing modules;
The first device invokes the q processing modules and performs the following steps in each of the processing modules: calculating the input second parameter and the general iteration value, and outputting a second sub-result; the q processing modules operate in parallel, and the operation executed by each processing module is different;
The first device is according to the The key result is determined by the first sub-results and the q second sub-results output by the q processing modules; m is the number of parameters contained in the parameter set.
3. The method of claim 2, wherein the first device determining the key result from the p first sub-results and q second sub-results output by the q processing modules comprises:
the first device obtains a preset key length;
the first device splices the p first sub-results and the q second sub-results to obtain a temporary key;
The first device intercepts the leftmost part bit value of the temporary key according to the preset key length to obtain the key result; the length of the key result is the preset key length.
4. The method of claim 1, wherein the length of the concatenated abscissa and ordinate values is 512 bits.
5. The method of any one of claims 1-4, wherein the method further comprises:
the first device receives a single instruction multiple data stream SIMD instruction; the SIMD instruction is used for indicating the p processing modules to operate in parallel; and/or the number of the groups of groups,
The first device dispatches the p processing modules to p threads which are executed in parallel for processing; and/or the number of the groups of groups,
And the first equipment performs parallel operation of the p processing modules through an image processor GPU.
6. A data processing apparatus, the apparatus comprising:
the communication module is used for acquiring an abscissa value of any coordinate point on the elliptic curve and an ordinate value of the coordinate point; the data processing device comprises p processing modules; p is greater than or equal to 2 and p is a positive integer;
The processing module is used for determining a general iteration value according to the abscissa value and the ordinate value and inputting the general iteration value into the p processing modules;
The processing module is further configured to: generating a parameter set, and inputting p first parameters contained in the parameter set into the p processing modules;
The processing module is further configured to: calling the p processing modules, and executing the following steps in each processing module: calculating the input first parameter and the general iteration value, and outputting a first sub-result; the p processing modules perform operation in parallel, and the operation executed by each processing module is different;
the processing module is further configured to: determining a key result corresponding to the elliptic curve according to the p first sub-results;
The processing module is further configured to: encrypting the first plaintext data according to the key result to obtain first ciphertext data; or decrypting the second ciphertext data according to the key result to obtain second plaintext data.
7. The apparatus of claim 6, wherein the set of parameters further comprises q second parameters, q is less than or equal to the p and q is a positive integer; the processing module is specifically configured to:
inputting the q second parameters into q processing modules;
Invoking the q processing modules, and executing the following steps in each processing module: calculating the input second parameter and the general iteration value, and outputting a second sub-result; the q processing modules operate in parallel, and the operation executed by each processing module is different;
according to the described The key result is determined by the first sub-results and the q second sub-results output by the q processing modules; m is the number of parameters contained in the parameter set.
8. The apparatus of claim 7, wherein the processing module is specifically configured to:
acquiring a preset key length through the communication module;
Splicing the p first sub-results and the q second sub-results to obtain a temporary key;
According to the preset key length, intercepting the leftmost part bit value of the temporary key to obtain the key result; the length of the key result is the preset key length.
9. The apparatus of claim 6, wherein the length of the concatenated abscissa and ordinate values is 512 bits.
10. The apparatus of any of claims 6-9, wherein the processing module is further to:
Receiving a single instruction multiple data stream SIMD instruction through the communication module; the SIMD instruction is used for indicating the p processing modules to operate in parallel; and/or the number of the groups of groups,
Scheduling the p processing modules to p threads which are executed in parallel for processing; and/or the number of the groups of groups,
And carrying out parallel operation of the p processing modules through an image processor GPU.
11. An electronic device, comprising:
A memory for storing program instructions;
a processor for invoking program instructions stored in the memory and for performing the steps comprised in the method according to any of claims 1-5 in accordance with the obtained program instructions.
12. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program comprising program instructions which, when executed by a computer, cause the computer to perform the method of any of claims 1-5.
CN202311865436.2A 2023-12-29 2023-12-29 Data processing method and device and electronic equipment Active CN117811737B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311865436.2A CN117811737B (en) 2023-12-29 2023-12-29 Data processing method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311865436.2A CN117811737B (en) 2023-12-29 2023-12-29 Data processing method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN117811737A CN117811737A (en) 2024-04-02
CN117811737B true CN117811737B (en) 2024-09-17

Family

ID=90433504

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311865436.2A Active CN117811737B (en) 2023-12-29 2023-12-29 Data processing method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN117811737B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104717060A (en) * 2015-03-10 2015-06-17 大唐微电子技术有限公司 Method for attacking elliptical curve encryption algorithm and attacking device
CN107425968A (en) * 2017-06-22 2017-12-01 广东工业大学 A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11258986A (en) * 1998-03-16 1999-09-24 Nippon Telegr & Teleph Corp <Ntt> Encryption device, decryption device, encryption system, and program recording medium therefor
CN102412971B (en) * 2011-11-30 2015-04-29 西安西电捷通无线网络通信股份有限公司 SM2 key exchange protocol based key agreement method and device
CN111010277B (en) * 2019-12-27 2021-06-25 北京海泰方圆科技股份有限公司 Key exchange method, device and storage medium, computing device
CN113691543A (en) * 2021-08-25 2021-11-23 苏州国芯科技股份有限公司 Data encryption method and device based on elliptic curve, computer equipment and medium
CN113722700A (en) * 2021-09-01 2021-11-30 上海兆芯集成电路有限公司 Processor with elliptic curve cryptographic algorithm and processing method thereof
CN114491575A (en) * 2021-12-20 2022-05-13 苏州国芯科技股份有限公司 SM2 operation method, system, equipment and computer readable storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104717060A (en) * 2015-03-10 2015-06-17 大唐微电子技术有限公司 Method for attacking elliptical curve encryption algorithm and attacking device
CN107425968A (en) * 2017-06-22 2017-12-01 广东工业大学 A kind of SM2 elliptic curve public key cryptographic algorithms under binary field F2m realize system

Also Published As

Publication number Publication date
CN117811737A (en) 2024-04-02

Similar Documents

Publication Publication Date Title
US8681976B2 (en) System and method for device dependent and rate limited key generation
US20120269340A1 (en) Hierarchical encryption/decryption device and method thereof
US10404468B2 (en) Technologies for CCM encryption with 64-bit block ciphers
JP2019535036A (en) Computer program product, computer system, and computer-implemented method for realizing encrypted message including authentication instruction
CN112434326B (en) Trusted computing method and device based on data flow
CN108063760B (en) Method and system for block encryption and method for block decryption
WO2015156020A1 (en) Information processing device, program, and storage medium
WO2021217939A1 (en) Data processing method and apparatus for blockchain, and readable storage medium
CN116455572B (en) Data encryption method, device and equipment
US7434898B2 (en) Computer system, computer program, and addition method
CN117811737B (en) Data processing method and device and electronic equipment
CN118643517A (en) An adaptive hardware encryption method, device, computer equipment and medium
CN110034918B (en) SM4 acceleration method and device
CN117171202A (en) Data query method and device
CN113486375B (en) Storage method and device of equipment information, storage medium and electronic device
CN116760590A (en) Key encryption method, device, equipment and storage medium
CN115001649A (en) Batch encryption method, related device, system, equipment, medium and program product
CN109802824B (en) Shift processing method and device, computer storage medium and terminal
CN114666049A (en) Method for encrypting plaintext data and related product
JP2011081594A (en) Data processor and data processing program
CN116383803B (en) Data processing method, device, computer equipment and storage medium
CN111931202A (en) Encrypted storage method, terminal device and storage medium for distributed system
CN114817970B (en) Data analysis method and system based on data source protection and related equipment
CN117891432B (en) A random number generation method, device and electronic equipment
CN118233081B (en) NEON instruction set-based national cipher SM2 bottom modular multiplication optimization method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address

Address after: No. 611, 6th Floor, No. 9 Shangdi 9th Street, Haidian District, Beijing 100085

Patentee after: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY Co.,Ltd.

Country or region after: China

Address before: 100094 1-2 / F, Block E, international software building, building 9, Zhongguancun Software Park, 8 Dongbeiwang West Road, Haidian District, Beijing

Patentee before: BEIJING HAITAI FANGYUAN HIGH TECHNOLOGY Co.,Ltd.

Country or region before: China

CP03 Change of name, title or address