SM9基于身份的密码算法第3部分：密钥交换协议.pdf

SM9identity-basedcryptographicalgorithms

Part3:Keyexchangeprotocol

Contents

1Scope1

2Normativereferences1

3Termsanddefinitions1

3.1keyexchange1

3.2keyagreement1

3.3keyconfirmationfromAtoB1

3.4keyderivationfunction1

3.5initiator1

3.6responder2

3.7encryptionmasterkey2

3.8identity2

3.9keygenerationcenter(KGC)2

4Symbols2

5Algorithmparametersandauxiliaryfunctions3

5.1Overview3

5.2Systemparameters4

5.3Generationoftheencryptionmasterkeyandtheuser’sencryptionprivatekey4

5.4Auxiliaryfunctions4

5.4.1Overview4

5.4.2Cryptographichashfunctions5

5.4.3Keyderivationfunctions6

5.4.4Randomnumbergenerators6

6Keyexchangeprotocolanditsprocess6

6.1Keyexchangeprotocol6

6.2Keyexchangeprocess7

i

SM9identity-basedcryptographicalgorithms

Part3:Keyexchangeprotocol

1Scope

ThispartofGM/T0044‒2016describesanidentity-basedkeyexchangeprotocolbuiltuponpairingson

ellipticcurves,andspecifiesthecorrespondingprocesses.Thisprotocolenablestwocommunication

entitiestocomputeasharedsecretkey,whichisgeneratedfrominputprovidedbybothentities,asthe

resultoftwoor(optionally)threemessageexchangesovertheidentityofthepeerentityanditsown

privatekey.Thesharedsecretkeycanbeusedasthesessionkeyofsymmetriccryptographic

algorithms.Theoptionalmessageexchangestepintheprot