• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】国密是什么

问答 admin 2个月前 (08-28) 53次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

国密即国家密码局认定的国产密码算法。商用密码是指能够实现商用密码算法的加密、解密和认证等功能的技术。商用密码技术是商用密码的核心,国家将商用密码技术列入国家秘密,任何单位和个人都有责任和义务保护商用密码技术的秘密。

The national secret code is the domestic cipher algorithm recognized by the State Encryption Bureau. Commercial cipher is a kind of technology which can realize the functions of encryption, decryption and authentication. Commercial Cryptography is the core of Commercial Cryptography. The state has listed commercial cryptography as state secrets. All units and individuals have the responsibility and obligation to protect the secrets of Commercial Cryptography.

国密即国家密码局认定的国产密码算法。商用密码,是指能够实现商用密码算法的加密、解密和认证等功能的技术。(包括密码算法编程技术和密码算法芯片、加密卡等的实现技术)。商用密码技术是商用密码的核心,国家将商用密码技术列入国家秘密,任何单位和个人都有责任和义务保护商用密码技术的秘密。

The national secret code is the domestic cipher algorithm recognized by the State Encryption Bureau. Commercial password refers to the technology that can realize encryption, decryption and authentication of commercial cipher algorithm. (including cryptographic algorithm programming technology and implementation technology of cryptographic algorithm chip, encryption card, etc.). Commercial Cryptography is the core of Commercial Cryptography. The state has listed commercial cryptography as state secrets. All units and individuals have the responsibility and obligation to protect the secrets of Commercial Cryptography.

商用密码的应用领域十分广泛,主要用于对不涉及国家秘密内容但又具有敏感性的内部信息、行政事务信息、经济信息等进行加密保护。比如:商用密码可用于企业门禁管理、企业内部的各类敏感信息的传输加密、存储加密,防止非法第三方获取信息内容;也可用于各种安全认证、网上银行、数字签名等。”

Commercial password is widely used in many fields. It is mainly used to encrypt and protect the sensitive internal information, administrative information and economic information that do not involve state secrets. For example, the commercial password can be used for enterprise access control management, transmission and storage encryption of all kinds of sensitive information within the enterprise, so as to prevent illegal third parties from obtaining information content; it can also be used for various security authentication, online banking, digital signature, etc

国密算法是国家密码局制定标准的一系列算法。其中包括了对称加密算法,椭圆曲线非对称加密算法,杂凑算法。具体包括 SM1,SM2,SM3 等,其中:

National secret algorithm is a series of algorithms formulated by the State Encryption Bureau. It includes symmetric encryption algorithm, elliptic curve asymmetric encryption algorithm and hash algorithm. It includes SM1, SM2, SM3, etc

SM2 为国家密码管理局公布的公钥算法,其加密强度为 256 位。其它几个重要的商用密码算法包括:SM1,对称加密算法,加密强度为 128 位,采用硬件实现;SM3,密码杂凑算法,杂凑值长度为 32 字节,和 SM2 算法同期公布,参见《国家密码管理局公告(第 22 号)》;SMS4,对称加密算法,随 WAPI 标准一起公布,可使用软件实现,加密强度为 128 位。

SM2 is a public key algorithm published by the State Encryption administration, and its encryption strength is 256 bits. Several other important commercial cipher algorithms include: SM1, symmetric encryption algorithm with 128 bit encryption strength, which is implemented by hardware; SM3, cipher hash algorithm, hash value length of 32 bytes, published at the same time with SM2 algorithm, see announcement of the State Administration of cryptography (No. 22); SMS4, symmetric encryption algorithm, with WAPI The standard is published together and can be implemented by software. The encryption strength is 128 bits.

商用密码,是指能够实现商用密码算法的加密、解密和认证等功能的技术。(包括密码算法编程技术和密码算法芯片、加密卡等的实现技术)。商用密码技术是商用密码的核心,国家将商用密码技术列入国家秘密,任何单位和个人都有责任和义务保护商用密码技术的秘密。

Commercial password refers to the technology that can realize encryption, decryption and authentication of commercial cipher algorithm. (including cryptographic algorithm programming technology and implementation technology of cryptographic algorithm chip, encryption card, etc.). Commercial Cryptography is the core of Commercial Cryptography. The state has listed commercial cryptography as state secrets. All units and individuals have the responsibility and obligation to protect the secrets of Commercial Cryptography.

商用密码的应用领域十分广泛,主要用于对不涉及国家秘密内容但又具有敏感性的内部信息、行政事务信息、经济信息等进行加密保护。比如:商用密码可用于企业门禁管理、企业内部的各类敏感信息的传输加密、存储加密,防止非法第三方获取信息内容;也可用于各种安全认证、网上银行、数字签名等。

Commercial password is widely used in many fields. It is mainly used to encrypt and protect the sensitive internal information, administrative information and economic information that do not involve state secrets. For example, the commercial password can be used for enterprise access control management, transmission and storage encryption of various sensitive information within the enterprise, so as to prevent illegal third parties from obtaining information content; it can also be used for various security authentication, online banking, digital signature, etc.

例如:在门禁应用中,采用 SM1 算法进行身份鉴别和数据加密通讯,实现卡片合法性的验证,保证身份识别的真实性。 安全是关系国家、城市信息、行业用户、百姓利益的关键问题。国家密码管理局针对现有重要门禁系统建设和升级改造应用也提出指导意见,加强芯片、卡片、系统的标准化建设。截止目前,国密门禁系统的升级的案例也逐渐增多,基于自主国产知识产权的 CPU 卡、CPU 卡读写设备及密钥管理系统广泛受到关注。一些厂商如同方锐安在 2009 年推出 CPU 卡安全门禁系列产品,在 2010 年北京安博会上,该公司再次向业界展示出“御”系列 CPU 卡门禁系统、TF-DF6000 系列安全门禁读卡器以及基于 CPU 卡技术的一卡通系统等主流产品和系统。这些厂商是全国推广的国密门禁产品的先驱者,使“御”系列 CPU 卡门禁系统广泛应用于政府、监狱、司法、军工企业和大型公共智能建筑等高安全领域。

For example: in the access control application, SM1 algorithm is used for identity authentication and data encryption communication to verify the legitimacy of the card and ensure the authenticity of identity recognition. Security is a key issue related to the interests of the state, urban information, industry users and people. The State Password Administration also puts forward guidance for the construction and upgrading of existing important access control systems, and strengthens the standardization construction of chips, cards and systems. Up to now, the number of upgrading cases of national secret access control system is gradually increasing. CPU card, CPU card read-write equipment and key management system based on independent domestic intellectual property rights have been widely concerned. Some manufacturers, like Fang Ruian, launched the CPU card security access control series products in 2009. At the 2010 Beijing safety Expo, the company once again showed the mainstream products and systems such as “Yu” Series CPU card door access control system, tf-df6000 series security access control reader and all-in-one card system based on CPU card technology. These manufacturers are the pioneers of national secret access control products, which make the “Royal” CPU card system widely used in high security fields such as government, prison, justice, military enterprises and large public intelligent buildings.

安全是智能卡的核心,而算法是安全的基础。

Security is the core of smart card, and algorithm is the basis of security.

国密算法由国家密码局发布,包含 SM1 SM2 SM3 SM4 SSF33 算法;国际算法由美国的安全局发布,是现今最通用的商用算法。我们就以分组密码算法(DES 和 SM4)、公钥密码算法(RSA 和 SM2)、摘要算法(SM3)为例,和大家谈谈国际算法和国密算法的区别。

The national cipher algorithm is published by the national cryptography office, including SM1, SM2, SM3, SM4, ssf33, and the international algorithm is the most common commercial algorithm. We take block cipher algorithm (DES and SM4), public key cryptography algorithm (RSA and SM2) and digest algorithm (SM3) as examples to talk about the differences between international algorithm and national secret algorithm.

分组密码算法——国际 DES、国产 SM4

Block cipher algorithm — International des, domestic SM4

分组密码就是将明文数据按固定长度进行分组,然后在同一密钥控制下逐组进行加密,从而将各个明文分组变换成一个等长的密文分组的密码。其中二进制明文分组的长度称为该分组密码的分组规模。

Block cipher is a kind of cipher in which plaintext data are grouped according to fixed length, and then encrypted group by group under the control of the same key, so that each plaintext block is transformed into a ciphertext block of equal length. The length of the binary plaintext block is called the block size of the block cipher.

分组密码的实现原则如下:

The implementation principles of block cipher are as follows:

(1)必须实现起来比较简单,知道密钥时加密和脱密都十分容易,适合硬件和(或)软件实现.(2)加脱密速度和所消耗的资源和成本较低,能满足具体应用范围的需要.

(1) It is easy to encrypt and decrypt when the key is known. It is suitable for hardware and / or software implementation. (2) the speed of encryption and decryption is low, and it can meet the needs of specific applications

分组密码的设计基本遵循混淆原则和扩散原则。

The design of block cipher follows the principle of confusion and diffusion.

混淆原则就是将密文、明文、密钥三者之间的统计关系和代数关系变得尽可能复杂,使得敌手即使获得了密文和明文,也无法求出密钥的任何信息;即使获得了密文和明文的统计规律,也无法求出明文的任何信息。

The confusion principle is to make the statistical and algebraic relations among ciphertext, plaintext and key as complex as possible, so that even if the adversary obtains the ciphertext and plaintext, he can not get any information of the key; even if he obtains the statistical law of ciphertext and plaintext, he can not get any information of plaintext.

扩散原则就是应将明文的统计规律和结构规律散射到相当长的一段统计中去。也就是说让明文中的每一位影响密文中的尽可能多的位,或者说让密文中的每一位都受到明文中的尽可能多位的影响。

The diffusion principle is to scatter the statistical and structural rules of plaintext into a long section of statistics. In other words, let each bit in the plaintext affect as many bits as possible in the ciphertext, or let each bit in the ciphertext be affected by as many bits as possible in the plaintext.

DES 算法

DES algorithm

DES 算法是在美国 NSA(国家安全局)资助下由 IBM 公司开发的密码算法,其初衷是为政府非机密的敏感信息提供较强的加密保护。它是美国政府担保的第一种加密算法,并在 1977 年被正式作为美国联邦信息处理标准。DES 主要提供非军事性质的联邦政府机构和私营部门使用,并迅速成为名声最大,使用最广的商用密码算法。

DES algorithm is a cryptographic algorithm developed by IBM company with the support of NSA (National Security Agency). Its original intention is to provide strong encryption protection for government non confidential sensitive information. It is the first encryption algorithm guaranteed by the U.S. government, and officially adopted as the federal information processing standard in 1977. DES is mainly used by non military federal government agencies and the private sector, and has rapidly become the most famous and widely used commercial cryptographic algorithm.

从算法上看,国产 SM4 算法在计算过程中增加非线性变换,理论上能大大提高其算法的安全性,并且由专业机构进行了密码分析,民间也对 21 轮 SM4 进行了差分密码分析,结论均为安全性较高。

From the algorithm point of view, the domestic SM4 algorithm adds nonlinear transformation in the calculation process, which can greatly improve the security of the algorithm in theory, and the professional institutions have carried out the cryptanalysis, and the folk have also carried out the differential cryptanalysis of 21 rounds of SM4, and the conclusion is that the security is high.

公钥密码算法——国际 RSA、国产 SM2

Public key cryptography algorithm — International RSA, domestic Sm2

公钥密码学与其他密码学完全不同, 使用这种方法的加密系统,不仅公开加密算法本身,也公开了加密用的密钥。

Public key cryptography is completely different from other cryptography. The encryption system using this method not only discloses the encryption algorithm itself, but also the key used for encryption.

公钥密码系统与只使用一个密钥的对称传统密码不同,算法是基于数学函数而不是基于替换和置换。公钥密码学是非对称的,它使用两个独立的密钥,即密钥分为公钥和私钥,因此称双密钥体制。双钥体制的公钥可以公开,因此称为公钥算法。

The public key cryptosystem is different from the symmetric traditional cryptosystem which only uses one key. The algorithm is based on mathematical function instead of substitution and substitution. Public key cryptography is asymmetric. It uses two independent keys, that is, the key is divided into public key and private key, so it is called double key system. The public key of double key system can be public, so it is called public key algorithm.

公钥算法的出现,给密码的发展开辟了新的方向。公钥算法虽然已经历了 20 多年的发展,但仍具有强劲的发展势头,在鉴别系统和密钥交换等安全技术领域起着关键的作用

The emergence of public key algorithm opens up a new direction for the development of cryptography. Although the public key algorithm has experienced more than 20 years of development, it still has a strong momentum of development, and plays a key role in security technology such as authentication system and key exchange

公钥算法的加密与解密由不同的密钥完成,并且从加密密钥得到解密密钥在计算上是不可行的。通常,公钥算法的两个密钥中任何一个都可以作为加密而另一个用作解密,但不是所有的公钥算法都是如此。

The encryption and decryption of public key algorithm are completed by different keys, and it is not feasible to get the decryption key from the encryption key. Generally, either of the two keys of a public key algorithm can be used as encryption and the other as decryption, but not all public key algorithms do.

RSA 算法由 Rivest、Shamir、Adleman 于 1978 年首次发表,是迄今为止最容易理解和实现的公钥算法,已经受住了多年深入的攻击,其理论基础是一种特殊的可逆模幂运算,其安全性基于分解大整数的困难性。

RSA algorithm was first published by Rivest, Shamir and Adleman in 1978. It is the most easily understood and implemented public key algorithm so far. It has been attacked deeply for many years. Its theoretical basis is a special reversible modular power operation, and its security is based on the difficulty of decomposing large integers.

RSA 算法既可用于加密,又可用于数字签名,已得到广泛采用,并被许多标准化组织(如 ISO、ITU、IETF 和 SWIFT 等)接纳。目前许多国家标准仍采用 RSA 算法或它的变型。

RSA algorithm can be used for both encryption and digital signature. It has been widely used and accepted by many standardization organizations (such as ISO, ITU, IETF and swift). At present, many national standards still adopt RSA algorithm or its variant.

RSA 算法的实现如下:

The implementation of RSA algorithm is as follows:

(1) 实现者寻找出两个大素数 p 和 q(2) 实现者计算出 n=pq 和φ(n)=(p-1)(q-1)(3) 实现者选择一个随机数 e (0<e<></e<>(4) 实现者使用辗转相除法计算 d=e-1(modφ(n))(5) 实现者在目录中公开 n 和 e 作为公钥

(1) The implementer finds two large prime numbers P and Q (2) the implementer computes n = PQ and φ (n) = (p-1) (Q-1) (3) the implementer selects a random number e (0 & lt; E & lt; & gt; & lt; E & lt;); (4) the implementer computes d = E-1 (MOD φ (n)) (5) the implementer discloses N and E as public keys in the directory

密码分析者攻击 RSA 体制的关键点在于如何分解 n。若分解成功使 n=pq,则可以算出φ(n)=(p-1)(q-1),然后由公开的 e,解出秘密的 d。所以说 RSA 算法的安全性基于分解大整数的困难性。

The key to attack RSA is how to decompose n. If the decomposition is successful so that n = PQ, then φ (n) = (p-1) (Q-1) can be calculated, and then the secret D can be solved from the public E. Therefore, the security of RSA algorithm is based on the difficulty of decomposing large integers.

SM2 算法

SM2 algorithm

SM2 算法由国家密码管理局于 2010 年 12 月 17 日发布,全称为椭圆曲线算法。椭圆曲线并不是椭圆,之所以称为椭圆曲线是因为它们是用三次方程来表示的,并且该方程与计算椭圆周长的方程相似。一般而言,椭圆曲线的三次方程形为:

SM2 algorithm was released by the State Encryption administration on December 17, 2010, which is called elliptic curve algorithm. Elliptic curves are not ellipses, so they are called elliptic curves because they are represented by cubic equations, and the equation is similar to the equation for calculating the circumference of an ellipse. Generally speaking, the form of cubic equation of elliptic curve is as follows:

y2+axy+by=x3+cx2+dx+e [其中 a,b,c,d 和 e 是满足某些条件的实数,因为方程中的指数最高是 3,所以我们称之为三次方程,或者说方程的次数为 3]

Y2 + axy + by = X3 + CX2 + DX + E [where a, B, C, D and E are real numbers satisfying certain conditions, because the highest exponent in the equation is 3, we call it cubic equation, or the degree of equation is 3]

SM2 算法使用的方程为:y2= x3 + ax + bSM2 算法实现如下:(1) 选择 Ep(a,b)的元素 G,使得 G 的阶 n 是一个大素数(2) G 的阶是指满足 nG=O 的最小 n 值(3) 秘密选择整数 k,计算 B=kG,然后公开(p,a,b,G,B),B 为公钥,保密 k,k 为私钥加密 M:先把消息 M 变换成为 Ep(a,b)中一个点 Pm,然后,选择随机数 r,计算密文 Cm={rG,Pm+rP),如果 r 使得 rG 或者 rP 为 O,则要重新选择 r。解密 Cm: (Pm+rP)-k(rG)=Pm+rkG-krG=Pm

The SM2 algorithm uses the equation y2 = X3 + ax + BSM2. The algorithm is implemented as follows: (1) select the element g of EP (a, b) so that the order of G is a large prime number. (2) the order of G refers to the minimum n value satisfying ng = o. (3) secret selection of integer k, calculation of B = kg, and then public (P, a, B, G, b), B is the public key, secret K, K is the private key encryption M: first, the message M is transformed into EP (a, b) Then, select the random number R and calculate the ciphertext cm = {RG, PM + RP). If R causes RG or RP to be o, select r again. Decryption cm: (PM + RP) – K (RG) = PM + RKG KRG = PM

SM2 算法的安全性基于一个数学难题”离散对数问题 ECDLP”实现,即考虑等式 Q=KP,其中 Q、P 属于 Ep(a,b),K<p,则:1) p=”” 已知 q 和 p,计算 k,是困难的。<=”“>

The security of SM2 algorithm is based on the realization of ECDLP, which is a mathematical problem. In other words, consider the equation q = KP, where Q and P belong to EP (a, b), K & lt; P, then: 1) P = “given Q and P, it is difficult to calculate K. <=”“>

现今对椭圆曲线研究的时间短,经过许多优秀的数学家的努力,至今一直没有找到亚指数级算法。正是由于目前所知求解 ECDLP 的最好方法是指数级的,这使得我们选用 SM2 算法作加解密及数字签名时,所要求的密钥长度比 RSA 要短得多。

Nowadays, the time of elliptic curve research is short. Through the efforts of many excellent mathematicians, sub exponential algorithm has not been found. It is because the best way to solve ECDLP is exponential, which makes the key length required by SM2 algorithm is much shorter than that of RSA.

摘要算法——国产 SM3

Abstract algorithm — domestic SM3

摘要函数在密码学中具有重要的地位,被广泛应用在数字签名,消息认证,数据完整性检测等领域。摘要函数通常被认为需要满足三个基本特性:碰撞稳固性,原根稳固性和第二原根稳固性。

Abstract function plays an important role in cryptography and is widely used in digital signature, message authentication, data integrity detection and other fields. Functions are generally considered to satisfy three basic properties: collision stability, primitive root stability and second primitive root stability.

2005 年,Wang 等人给出了 MD5 算法和 SHA-1 算法的碰撞攻击方法,现今被广泛应用的 MD5 算法和 SHA-1 算法不再是安全的算法。

In 2005, Wang et al. Proposed the collision attack method of MD5 algorithm and SHA-1 algorithm. The widely used MD5 algorithm and SHA-1 algorithm are no longer secure algorithms.

SM3 密码摘要算法是中国国家密码管理局 2010 年公布的中国商用密码杂凑算法标准。SM3 算法适用于商用密码应用中的数字签名和验证,是在 SHA-256 基础上改进实现的一种算法。SM3 算法采用 Merkle-Damgard 结构,消息分组长度为 512 位,摘要值长度为 256 位。

SM3 cipher digest algorithm is the standard of Chinese commercial cipher hash algorithm published by the state cryptograph administration of China in 2010. SM3 algorithm is suitable for digital signature and verification in commercial cryptographic applications. It is an improved algorithm based on SHA-256. SM3 algorithm adopts Merkle damgard structure, message packet length is 512 bits, digest value length is 256 bits.

SM3 算法的压缩函数与 SHA-256 的压缩函数具有相似的结

The compression function of Sm3 algorithm is similar to that of SHA-256


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】国密是什么
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址