Page 309 - 《软件学报》2025年第5期
P. 309

刘振亚 等: SM2  数字签名算法的两方门限计算方案框架                                                   2209


                        序号  36  37  38  39  40  41  42   43  44  45  46  47  48  49





                        s = (1+d) −1 (k +r)−r  +(d 1 d 2 −1)r  1  +(d 1 d 2 −1)r  1  +(d 1 d 2 −1)r  d 1 d 2 +d 1 d 2 k 2 +d 2 +d 1 k 1 +(d 1 d 2 −1)r  1 d 1 d 2 +d 1 k 2 +d 2 +d 1 k 1 +(d 1 d 2 −1)r  1 d 1 d 2 +d 1 d 2 k 2 +d 2 +d 1 k 1 +(d 1 d 2 −1)r  1 d 1 +d 1 d 2 k 2 +d 2 +d 1 k 1 +(d 1 d 2 −1)r  1  d 1 d 2 k 2 +1+d 1 k 1 +(d 1 d 2 −1)r  d 1 d 2 k 2 +1+d 1 k 1 +(d 1 d 2 −1)r  d 1 k 2 +1+d 1 k 1 +(d 1 d 2 −1)r  d 1 d 2 +d 1 k 2 +1+d 1 k 1 +(d 1 d 2 −1)r  d 1 d 2 +d 1







                            d 1 d 2 k 2 +d 2 +d 1 k 1     d 1 d 2 k 2 +d 2 +d 1 k 1     2  d 1 k 2 +d 2 +d 1 k 1     1  2  2
                                                 2                            2






                                       )   )   )   )                        )
                          )   )    )                   )   )       )   )        )
                    (续)                  1       1
                        1   1   1            1       1
                        2 +w ′       1   2
                    表 A1    基于乘法密钥拆分的两随机数框架的实例化
                        k = d 1 w ′  (1+d) ( d 1 d 2 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 d 2 k 2 +d 2 +d 1 k 1  2  (1+d) ( d 1 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 d 2 +d 1 d 2 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 d 2 +d 1 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 d 2 +d 1 d 2 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 +d 1 d 2 k 2 +d 2 +d 1 k 1  (1+d) ( d 1 d 2 k 2 +1+d 1 k 1  (1+d) ( d 1 d 2 k 2 +1+d 1 k 1  2  (1+d)(d 1 k 2 +1+d 1 k 1 )  (1+d) ( d 1 d 2 +d 1 k 2 +1+d 1 k 2  (1+d) ( d 1 d 1 +d 1 k 2 +1+d 1 k 1
                                                 2

                                                                        2     2



                        k = w 2 +d −1 w 1  2  k 2 +d 1 d −1 +d −1 k 1  2  2  d 2 k 2 +d 1 d −1 +d −1 k 1  2  2  d −1 k 2 +d 1 d −1 +d −1 k 1  2  2  1+d 2 k 2 +d 1 d −1 +d −1 k 1  2  2  1+d −1 k 2 +d 1 d −1 +d −1 k 1  2  2  d 2 +k 2 +d 1 d −1 +d −1 k 1  2  2  d −1 +k 2 +d 1 d −1 +d −1 k 1  2  2  k 2 +d −1 d −1 +d −1 k 1  2  2  1  d 2 k 2 +d −1 d −1 +d −1 k 1  2  2  1  d −1 k 2 +d −1 d −1 +d −1 k 1  2  2  1  1+d −1 k 2 +d −1 d −1 +d −1 k 1  2  1  1+d −1 k 2 +d −1 d −1 +d −1




                                             2                       2   2
                                     2                           2
                                                     2
                                                                                  2



                                       )  2    )                   )  2     )
                        w ′  2  (1+d)d 2 k 2  (1+d)d 2 k 2  2  (1+d)k 2  (1+d) ( d 2 +d 2 k 2  (1+d)(d 2 +k 2 )  (1+d) ( d 2 +d 2 k 2  2  (1+d)(1+d 2 k 2 )  (1+d)d 2 k 2  (1+d)d 2 k 2  .  2  (1+d)k 2  (1+d) ( d 2 +d 2 k 2  (1+d)(d 2 +k 2 )  (1+d) ( d 2 +d 2 k 2  2  (1+d)(1+d 2 k 2 )



                                       )
                                        (1+d) ( d 2 +d 1 k 1

                        w ′  1           1                           (1+d)(1+d 1 k 1 )



                       w 2  k 2  d 2 k 2  d −1 k 2  1+d 2 k 2  1+d −1 k 2  2  d 2 +k 2  d −1 +k 2  k 2  d 2 k 2  .  d −1 k 2  1+d 2 k 2  1+d −1 k 2  2  d 2 +k 2  d −1 +k 2
                                     2                           2
                                                     2                            2



                       w 1              d 1 +k 1                     d −1 +k 1
                                                                     1
   304   305   306   307   308   309   310   311   312   313   314