SM3密码杂凑算法概要.docx
《SM3密码杂凑算法概要.docx》由会员分享,可在线阅读,更多相关《SM3密码杂凑算法概要.docx(11页珍藏版)》请在冰豆网上搜索。
SM3密码杂凑算法概要
SM3密码杂凑算法SM3CryptographicHashAlgorithm
国家密码管理局2010年12月
目次
1范围······················································································12术语和定义···············································································13符号······················································································14常数与函数···············································································24.1初始值················································································24.2常量··················································································24.3布尔函数··············································································2
4.4置换函数··············································································2
5算法描述·················································································25.1概述··················································································25.2填充··················································································25.3迭代压缩··············································································35.3.1迭代过程·······································································35.3.2消息扩展·······································································35.3.3压缩函数·······································································35.4杂凑值················································································4附录A(资料性附录运算示例································································5A.1示例1·················································································5A.1示例2·················································································7
SM3密码杂凑算法
1范围
本文本规定了SM3密码杂凑算法的计算方法和计算步骤,并给出了运算示例。
本文本适用于商用密码应用中的数字签名和验证、消息认证码的生成与验证以及随机数的生成,可满足多种密码应用的安全需求。
同时,本文本还可为安全产品生产商提供产品和技术的标准定位以及标准化的参考,提高安全产品的可信性与互操作性。
2术语和定义
1.1
比特串bitstring
由0和1组成的二进制数字序列。
1.2
大端big-endian
数据在内存中的一种表示格式,规定左边为高有效位,右边为低有效位。
数的高阶字节放在存储器的低地址,数的低阶字节放在存储器的高地址。
1.3
消息message
任意有限长度的比特串。
本文本中消息作为杂凑算法的输入数据。
1.4
杂凑值hashvalue
杂凑算法作用于消息后输出的特定长度的比特串。
本文本中的杂凑值长度为256比特。
1.5
字word
长度为32的比特串。
3符号
下列符号适用于本文本。
ABCDEFGH:
8个字寄存器或它们的值的串联
B(i:
第i个消息分组
CF:
压缩函数
FFj:
布尔函数,随j的变化取不同的表达式
GGj:
布尔函数,随j的变化取不同的表达式
IV:
初始值,用于确定压缩函数寄存器的初态
P0:
压缩函数中的置换函数
P1:
消息扩展中的置换函数
Tj:
常量,随j的变化取不同的值
m:
消息
m′:
填充后的消息
mod:
模运算
∧:
32比特与运算
∨:
32比特或运算
⊕:
32比特异或运算
¬:
32比特非运算
+:
mod232算术加运算
≪k:
循环左移k比特运算
←:
左向赋值运算符
4常数与函数
4.1初始值
IV=7380166f4914b2b9172442d7da8a0600a96f30bc163138aae38dee4db0fb0e4e4.2常量
Tj={
79cc45190≤j≤157a879d8a16≤j≤63
4.3布尔函数
FFj(X,Y,Z={
X⊕Y⊕Z0≤j≤15(X∧Y∨(X∧Z∨(Y∧Z16≤j≤63
GGj(X,Y,Z={
X⊕Y⊕Z0≤j≤15(X∧Y∨(¬X∧Z16≤j≤63
式中X,Y,Z为字。
4.4置换函数
P0(X=X⊕(X≪9⊕(X≪17
P1(X=X⊕(X≪15⊕(X≪23
式中X为字。
5算法描述
5.1概述
对长度为l(l<264比特的消息m,SM3杂凑算法经过填充和迭代压缩,生成杂凑值,杂凑值长度为256比特。
5.2填充
假设消息m的长度为l比特。
首先将比特“1”添加到消息的末尾,再添加k个“0”,k是满足l+1+k≡448mod512的最小的非负整数。
然后再添加一个64位比特串,该比特串是长度l的二进制表示。
填充后的消息m′的比特长度为512的倍数。
例如:
对消息011000010110001001100011,其长度l=24,经填充得到比特串:
0110000101100010011000111423比特
00···00
64比特
00···011000l的二进制表示
5.3迭代压缩
5.3.1迭代过程
将填充后的消息m′按512比特进行分组:
m′=B(0B(1···B(n−1
其中n=(l+k+65/512。
对m′按下列方式迭代:
FORi=0TOn-1
V(i+1=CF(V(i,B(i
ENDFOR
其中CF是压缩函数,V(0为256比特初始值IV,B(i为填充后的消息分组,迭代压缩的结果为V(n。
5.3.2消息扩展
将消息分组B(i按以下方法扩展生成132个字W0,W1,···,W67,W′0,W′
1
···,W′
63
用于压缩函
数CF:
a将消息分组B(i划分为16个字W0,W1,···,W15。
bFORj=16TO67
Wj←P1(Wj−16⊕Wj−9⊕(Wj−3≪15⊕(Wj−13≪7⊕Wj−6
ENDFOR
cFORj=0TO63
W′
j
=Wj⊕Wj+4
ENDFOR
5.3.3压缩函数
令A,B,C,D,E,F,G,H为字寄存器,SS1,SS2,TT1,TT2为中间变量,压缩函数Vi+1=CF(V(i,B(i,0≤i≤n−1。
计算过程描述如下:
ABCDEFGH←V(i
FORj=0TO63
SS1←((A≪12+E+(Tj≪j≪7
SS2←SS1⊕(A≪12
TT1←FFj(A,B,C+D+SS2+W′
j
TT2←GGj(E,F,G+H+SS1+Wj
D←C
C←B≪9
B←A
A←TT1
H←G
G←F≪19
F←E
E←P0(TT2
ENDFOR
V(i+1←ABCDEFGH⊕V(i
其中,字的存储为大端(big-endian格式。
5.4杂凑值
ABCDEFGH←V(n
输出256比特的杂凑值y=ABCDEFGH。
4
附录A
(资料性附录
运算示例
A.1示例1
输入消息为“abc”,其ASCII码表示为
616263
填充后的消息
61626380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018扩展后的消息
W0W1···W67
616263800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000189092e20000000000000c0606719c70ed000000008001801f939f7da9000000002c6fa1f9adaaef14000000000001801e9a965f894971004823ce86a1b2d12f1be1dae338f8061807055d68be86cfd4811f447d83d9023dbf185898e0e0061807050df55ccde0104ca5b9c955a7df01846e46cd08e3babdf870caa4220353af50a92dbca15f33cfd2e16f6e89f70fe941ca5462dc85a9015276af6296c922bdb268378cf5975853440900872386faee742ab908b04a64bc50864e6e08f07e6590325c8f78accb8011e11db9ddb99c0545
W′0W′
1
···W′63
6162638000000000000000000000000000000000000000000000000000000000000000000000000000000000000000189092e20000000000000c0606719c70f59092e2008001801f93937baf719c70ed2c6fa1f92dab6f0b939f7da90001801eb6f9fe70e4dbef5c23ce86a1b2d0af057b4cbcb1b177184f2693ee1f341efb9afe9e9ebb210425b81d05f05e66c9cc861a4988df14e22df3bde151b547d919836b4b38542e5aadb4d5736d77a48caed4c76b71a9bc89722a91a5caabf45c46116379de7dda9ace8097c00c1f3e2d54f3a263ee2912f152167fafe5b54fd853c6428e8445dd3cef148f4ee92b76848be418e587c8e6af3c416753d7d549e260d5迭代压缩中间值
jABCDEFGH7380166f4914b2b9172442d7da8a0600a96f30bc163138aae38dee4db0fb0e4e0b9edc12b7380166f29657292172442d7b2ad29f4a96f30bcc550b189e38dee4d1ea52428cb9edc12b002cdee729657292ac353a23b2ad29f485e54b79c550b1892609f2850ea52428cdb825773002cdee7d33ad5fbac353a234fa5956985e54b79335037e59609f2850a48519d4db825773b8204b5fd33ad5fbd11d61a94fa5956941f99576635037e593e50a0c1a48519d48ad212eab8204b5fafde99d6d11d61a95374a0ca71f99576606fcb26a3e50a0c1acf0f6398ad212ea5afdc102afde99d6633130100374a0ca732aecc3f06fcb26a3391ec8aacf0f639975456905afdc10271022ac973313010094194e6e32aecc3f367250a13391ec8ab1cd6787975456908d47caf4c1022ac972602006694194e6e6ad473a4367250a164519c8fb1cd6787959c2744bd47caf4c45592e2026020066c6a3ceae6ad473a48509b39264519c8f
5
10481ba2a059c2744bf95e99a845592e2002afb727c6a3ceae9d2356a38509b39211694a3d09481ba2a084e896b3f95e99a89dd1b58c02afb7277576351e9d2356a31289cbcd58694a3d093745409084e896b36370db629dd1b58cb938157d7576351e1324c95abc89cbcd58947a12d2374540901a4a25546370db62ac64ee8db938157d147c52977824c95abc979ab113947a12d23ee959331a4a2554db131b86ac64ee8d1534d1691e7c52977892b57849979ab11361f996463ee959332aa0d251db131b8616796afab134d1691ea52ef0f892b57849067550f561f99646c999f74a2aa0d251177d27cc0e796afab1a2d23c69a52ef0f8b3c8669b067550f5b2330fccc999f74a18d7820ad17d27cc0ed5f562f2a2d23c69575c37d8b3c8669b87a833aab2330fcc19f84fd372d7820ad14f981cfad5f562f2a5dceaf1575c37d834dd9e4387a833aa2002c57896f84fd3720415a3af4f981cfa74576681a5dceaf1bec2bae134dd9e43214d0c2fcd02c578969fa6e5f00415a3af576f1d0974576681578d2ee7bec2bae122eeeec41a4d0c2fcd8af12c059fa6e5f0b5523911576f1d09340ba2bb578d2ee723f368da78eeeec41a185f9a9a8af12c056a879032b5523911e84abb78340ba2bb2415ce1286f368da78dd8835dd185f9a9a620633546a879032c88daa91e84abb7825c3fd31c215ce1286d1b4f1e6dd8835dd4db58f43620633548193543cc88daa91266243be5ec3fd31c29c250c2bd1b4f1e6131152fe4db58f439aa310318193543c27a549beaa6243be5efa6385879c250c2bcf65e309131152fe7a1a6dac9aa3103128e11eb847a549beaa877cbcc4fa638587e5b64e96cf65e30997f0988a7a1a6dac29ff9bac9de11eb847937d554a877cbcc49811b46de5b64e96184e7b2f97f0988a30a5a4a2b3ff9bac9d3d708fc2937d554ae92df4ea9811b46d74b72db2184e7b2f3189a13e59a5a4a2b337593bff3d708fc20a1ff572e92df4eaa36cc08d74b72db2323720bd4e89a13e594945674b37593bffcf7d16830a1ff572a757496fa36cc08d339ccd089c3720bd4e427cb3134945674bda8c835fcf7d1683ab9050ffa757496f34c7a0744d9ccd089c417a9c6e427cb3130958ff1bda8c835fb41e7be8ab9050ff35d955c3edc7a0744d9a113939417a9c6ec533f0ff0958ff1b1afed464b41e7be836e142d72bd955c3ed40e89b8f9a113939d4509586c533f0fff8d84ac71afed46437e7250598e142d72bab87dbb240e89b8fc7f93fd3d450958687fe299ff8d84ac7382f13c4ade725059885ae57c2ab87dbb21a6cabc9c7f93fd3ac36a28487fe299f3919f363f92f13c4ad4a0b31ce85ae57c2c302badb1a6cabc9fe9e3fc9ac36a2844055e1dde219f363f927895a5e4a0b31ce459daccfc302badb5e48d365fe9e3fc941d4f4efe355e1dde2e6c7f23327895a5e5cfba85a459daccfd6de18155e48d3654248dcbc62d4f4efe3c3bbc4abe6c7f2336f49c7bb5cfba85a667a2cedd6de1815438237b8a048dcbc62e9dfc7a9c3bbc4abd89d27116f49c7bb42d2e7dd667a2ced44d86859398237b8a0b978c491e9dfc7a98ee87df5d89d27113ddb7a4e42d2e7dd45d2090a86d86859396f714104b978c4912e5336258ee87df5388ec4e93ddb7a4e46e51076b3d2090a86d0b273b06f714104d9f89e612e533625efac7743388ec4e94747c5be50e51076b312150da4d0b273b03567734ed9f89e61b1297299efac774348abddbdc847c5be5020ed67ca12150da43dfcdd113567734ef30ecfc4b129729949bd708003abddbdc88b7ca08f20ed67ca93494bc03dfcdd119a71ab3bf30ecfc45015e2f5d3bd708003bb7b91578b7ca08fc3956c3f93494bc0e889efe69a71ab3b511382648615e2f5d3e100077abb7b9157cd09a51cc3956c3f5e049a4ae889efe6524a00ed2f13826486c5eba62be100077a0741f675cd09a51c61fe1cab5e049a4a53f4412e824a00ed2f04c90c27c5eba62b7429807c0741f67528e6684d61fe1cab6
54549db4b7f4412e8201da5e9404c90c27f6bc15ed7429807cb3a83a0f28e6684d5522a79585549db4b7825d05e801da5e949d4db19af6bc15ed03e3a14cb3a83a0f5630245b7822a795853b696ea9825d05e8f6804c829d4db19aaf6fb5e003e3a14c576598314f30245b784f2b0a453b696ea9f522adb2f6804c828cd4ea6daf6fb5e058c3d629a96598314f48b6f0604f2b0a4514fb0764f522adb26417b4028cd4ea6d59ddb0a26ac3d629a930629ecb48b6f060589f7d5c14fb07646d97a9156417b4026071034d71ddb0a26aac53538730629ecb14d5c7f6589f7d5c3b2
升级会员 