The Chinese national commercial cryptographic algorithms are the national SM series: SM2, an asymmetric public-key algorithm based on elliptic curves; SM3, a cryptographic hash algorithm; SM4, a block cipher; and SM1, a symmetric cipher whose algorithm is not public and which is provided only in the form of an IP core.
Section 1: Principles of the SM2 asymmetric cryptographic algorithm
The national SM2 algorithm is a commercial ECC (elliptic curve) public-key cryptosystem that provides public-key encryption, key exchange and digital signatures. The specification does not fix a recommended curve; the curve parameters have to be generated by a defined algorithm. In practical use, however, the State Cryptography Administration recommends a 256-bit elliptic curve over a prime field, whose curve equation is y^2 = x^3 + ax + b. The parameters are as follows:
where p is a large prime number greater than 3, n is the order of the base point G, Gx and Gy are the x and y coordinates of the base point G, and a and b are the coefficients of the elliptic curve equation y^2 = x^3 + ax + b.
Section 2: Principles of the SM3 cryptographic hash algorithm
A cryptographic hash algorithm, also known as a hashing algorithm, takes a string of any length as input and outputs a fixed-length string. When the algorithm is designed carefully enough, any input in practice has a uniquely determined output, and the output can in turn uniquely identify the input.
The security of a hash algorithm is generally evaluated from two angles:
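1. Computational irreversibility: given the hash value H(A) of an input message A, it is computationally infeasible to recover the original message A;
2. Collision resistance: given a message B, it is computationally difficult to find a message B' such that H(B) = H(B').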
In the field of network security, the most commonly used hash algorithms are MD5, SHA-1 and SHA-256, which have good computational irreversibility and collision resistance. However, in 2004, the hash collision algorithm proposed by Professor Xiao greatly reduced the time complexity of collision attacks on the MD5 and SHA-1 algorithms.
After years of research, the SM3 cryptographic hash algorithm, designed by Professor Xiao, was introduced. It can be used for digital signature and verification, generation and verification of message authentication codes, and random number generation, and it meets the security requirements of many cryptographic applications.
For a message with a length of l (l < 2^64) bits, the SM3 hash algorithm pads the message and compresses it iteratively, generating a hash value of 256 bits (32 bytes), with security equivalent to SHA-256.
Section 3: Principles of the SM4 block cipher algorithm
The national SM4 algorithm is a symmetric block cipher with a block length of 16 bytes and a key length of 16 bytes. Both the encryption algorithm and the key expansion algorithm use a 32-round nonlinear iterative process. The decryption algorithm has the same structure as the encryption algorithm, except that the round keys are used in reverse order: the decryption round keys are the encryption round keys reversed. The four encryption modes supported by the SM4 algorithm are shown in the following table:
The identifiers of the four modes of the SM4 block algorithm and of the secure MAC algorithm are shown in the following table:
Section 4: Python implementation
The Python implementation code has been uploaded to Code Cloud.
4.1 SM2 Test
A Python 3 implementation of SM2 and SM3. The SM3 module includes the KDF function, which can be combined with SM2 decryption (SM2 calls the SM3 module). SM2 implements the signature, verification and decryption functions over various prime fields.
The test demonstrates the SM2 encryption and decryption of "hello".
4.2 SM3 Test
The SM3 cryptographic hash algorithm, written in Python.
Testing the strings ABC and ABCD*16 gives the result:
4.3 SM4 Test
The national SM4 encryption algorithm, implemented in Python.
Two modes, ECB and CBC, were tested:
Section 5: Problems encountered and how they were resolved
5.1 Problem one
Python reports the error: Non-ASCII character '\xe7' in file sm2.py on line 6, but no encoding declared.
The URL suggested in the error message, http://www.python.org/peps/pep-0263.html, explains the cause: by default Python does not support non-ASCII encodings in a source file. There are three solutions:
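1) Add the following comment line at the top of the file:
    # coding=<encoding name>
For example, add # coding=utf-8
2) Add the following two comment lines at the top of the file:
    #!/usr/bin/python
    # -*- coding: <encoding name> -*-
For example, add # -*- coding: utf-8 -*-
3) Add the following two comment lines at the top of the file:
    #!/usr/bin/python
    # vim: set fileencoding=<encoding name> :
For example, add # vim: set fileencoding=utf-8 :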
Reference blogs: Cnblogs, CSDN
5.2 Problem two
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 0: ordinal not in range(128)
Cause:
Python uses ASCII as its default encoding, and when it converts between encodings it uses Unicode as an "intermediate encoding". The ASCII codec covers only 128 values, so when Python tries to convert a byte string containing a value outside that range to the "intermediate encoding" Unicode, it reports the error above.
For some solutions, refer to Cnblogs and CSDN. In my case, I switched to Python 3.7 and the code ran directly.
5.3 Problem three
When importing a Python module, the error ImportError: No module named 'xxx' appears.
See Mamicode for details.
In Python, each .py file is called a module, and each directory containing an __init__.py file is called a package. As long as the directory in which the module or package resides is in sys.path, you can use import module or import package.
To use a module (.py file) that is in the same directory as the current module, just import the corresponding file name. For example, to use b.py in a.py:
import b
2017-2018-2 20179204 "Network attack and Defense practice" 13th Week study summary Python implementation State secret algorithm