CN112235115A - Cipher algorithm private key protection method based on repudiation authentication relationship

Info

Publication number: CN112235115A
Authority: CN (China)
Prior art keywords: private key, key, authentication, cipher, protection
Legal status: Granted
Application number: CN202011083060.6A
Other languages: Chinese (zh)
Other versions: CN112235115B (en)
Inventors: 宋煜, 郑艳斌
Current Assignee: Individual
Original Assignee: Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10 Complex mathematical operations
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method for protecting the private key of a cryptographic algorithm in a pure software form, under the white-box cryptographic module assumption. The method is centered on the user of the business data and, relying on the security of a support server's private key, establishes a deniable (repudiable) authentication relationship between the software cryptographic module and its legitimate user. It thereby guards against risks to the security of a mobile user's private key in cryptographic applications, including but not limited to: identifying or blocking enumeration attacks on the legitimate user's memorized characteristics; countermeasure capture, discrimination capture and data capture; ensuring that one user's captured cryptographic module provides no valuable information about other users; and retaining its protection capability when any three of logic capture, identification capture, authentication capture and data capture occur simultaneously.

Description

Cipher algorithm private key protection method based on repudiation authentication relationship
Technical Field
The invention belongs to the technical field of key protection in applied cryptography.
Background
Cryptography holds that the key is the basis of a cryptographic algorithm's security, and that key protection relies on a key protection key stored securely inside a cryptographic module. Depending on the environment, a cryptographic module faces black-box, gray-box and white-box attack threats. In black-box and gray-box attacks, the attacker can observe information such as the plaintext, ciphertext and cryptographic algorithm at the module's inputs and outputs, but cannot obtain the execution logic, processes or key storage records inside the module. A white-box attack differs from these two in that the attacker is assumed to fully control the cryptographic implementation and its execution platform; white-box defenders aim to use cryptographic techniques so that an attacker cannot extract the algorithm's key information from the cryptographic implementation.
Existing methods mainly disperse the key into several lookup tables or polynomial coefficient matrices by obfuscation, and rewrite the logic of the specified algorithm in terms of the lookup tables or polynomial coefficient matrices produced by that dispersion. In a concrete application, the lookup tables and polynomial matrices are distributed within the cryptographic system according to circumstances, and in some schemes a mathematical association must be established between the lookup table and the key user's identity authentication information and the characteristics of the operating device. Applying such schemes, especially in open-code environments in the financial field, gives rise to two cryptosystem problems: the lookup-table and polynomial-matrix distribution problem, and the personalized-code review problem in an open-code environment.
The lookup-table and polynomial-matrix distribution problem. For example, in a digital currency scenario based on blockchain principles in the financial field, there are numerous participants, and one of the main uses of a public-key algorithm's private key is to establish effective identity identification and authentication information for network access nodes (such as distributed ledger nodes and identification nodes). The private key and its variants (such as the public key) can be endorsed by a cryptographic infrastructure (SM2 and SM9 digital certification centers), which avoids the "key distribution problem" before the cryptographic system starts operating. However, if lookup tables and polynomial matrices must also be reliably distributed within the same cryptosystem, this in substance recreates the key distribution problem.
The personalized-code review problem in an open-code environment. The design of the Z cryptographic algorithm departs from the earlier arrangement of a common algorithm with different user keys: it improves the overall security of the cryptographic implementation in a white-box environment by establishing a mathematical connection between the user key and personalized code, so that user A's cryptographic device, once captured by an attacker, provides no valuable information about user B's cryptographic device. However, when the personalized algorithm combined with the user key must be exposed to an open-code environment (for example, for review by a foreign third-party application market), the configuration data of the Z algorithm must also be distributed among consensus nodes and distributed ledger nodes. Besides being able to protect only block cipher keys, the secure distribution of the personalized code and configuration data then faces the same problems that black-box and gray-box cryptographic models find hard to resist, such as identification capture, authentication capture and capture of data equivalent to the key, and the support of a public key cryptosystem may not meet the application requirements of the security specifications for financial distributed ledger technology. (For example: capturing the configuration data in transit during distribution; capturing a single consensus node in order to analyze the identity or authentication information of other nodes; so that an attacker other than the authorized user obtains and runs the authorized user's personalized code.)
In summary, the white-box attack threat assumption proposed by Chow et al., and the known work done to overcome it, emphasize hypothetical risks such as capture of the cryptographic module's run logic and tracing of a running cryptographic instance, and do not meet the needs of most mobile application scenarios in open-code environments. There are three main reasons:
First, existing white-box cryptographic schemes cannot effectively address the application security threats that may arise when the logic of the cryptographic module, the residual data in the module, the identity of the module's user and the user's authentication information are captured by an attacker. Here, a scenario in which the running cryptographic instance is traced (debugged) is equivalent to one in which the attacker simultaneously obtains the module's logic, the residual data in the module, the legitimate user's identity and the corresponding authentication information.
Second, distributing lookup tables and polynomial matrices can to some extent overcome the risk posed by capture of the module's run logic, but in large-scale deployments the risk of leaking a specific key is transformed into a typical systematic key distribution problem.
Third, existing white-box cryptographic schemes cannot effectively prevent an attacker from using a captured cryptographic module by stealing, tampering with or forging the legitimate user's biometric features, memorized information and the like.
Disclosure of Invention
The invention aims to provide a cryptographic algorithm private key protection method implemented purely in software, thereby providing a white-box cryptographic module scheme with high security, high flexibility and low application cost for mobile application scenarios in open-code environments.
The invention relates to a cipher algorithm private key protection method based on a repudiation authentication relationship
The cryptographic algorithm private key protection method based on the repudiation (deniable) authentication relationship comprises: a deniable authentication method for the asymmetric cryptographic algorithm (SM2), a method for associating the private key with the private key protection key, a method for locking the private key protection key to identity authentication, and a method for preventing identity authentication enumeration attacks.
The SM2 deniable authentication method establishes a new mathematical relationship between the issuer of a cryptographic computation task (hereinafter the caller) and the executor that directly uses the private key to perform the cryptographic computation (hereinafter the cipher).
The method for associating the private key with the private key protection key establishes an unpredictable mathematical relationship between the protected private key and the private key protection key.
The method for locking the private key protection key to identity authentication is used to extract the private key protection key from the mathematical relationship between the private key and the private key protection key by means of the identity identifier and the authentication information.
The method for preventing identity authentication enumeration attacks is used to identify and block attempts to enumerate the identity identifier and the authentication information.
The SM2 deniable authentication method is based on the mathematical relationship (formula 1) among the signature private key d, the signature value (r, s) and the random number k of the signature computation in the SM2 digital signature technique. Let d be a random number negotiated between the caller and the cipher; the cipher can then confirm that the digital signature quadruple (ZA, M, r, s) truly represents the intention M of caller ZA, but this cannot be proven to any third party.
Figure BDA0002719377320000031
Callers include, but are not limited to: a user of the cryptographic module, application software that calls the cryptographic module, service software that calls the cryptographic module, a program component that calls the cryptographic module, and so on.
The cipher includes, but is not limited to: a cryptographic algorithm executable, a cryptographic algorithm program component, a software cryptographic module, a cryptographic chip, a cryptographic module, a card-type cryptographic machine, a server cryptographic machine, and so on.
Negotiated random numbers include, but are not limited to: a random number negotiated using the RSA algorithm, a random number negotiated using the SM2 algorithm, a random number negotiated using the DH method, a random number negotiated using Chebyshev polynomials, and so on.
The method for associating the private key with the private key protection key is based on the mathematical relationship (formula 2) among the base point G, the signature private key d, the signature value (r, s), the random number k of the signature computation, the signer identity ZA and the message M to be signed in the SM2 digital signature technique. Any private key and its protection key are assigned to (k, d), and the signature value (r, s) is taken as an equivalent expression of the mathematical relationship between (k, d). Combined with the (ZA, M) used in computing (r, s), the quadruple (ZA, M, r, s) equivalently expresses the values of the private key and its protection key assigned to (k, d).
Figure BDA0002719377320000032
The method for locking the private key protection key to identity authentication uses a locking calculation function and is based on the SM2 digital signature technique. Let $d_a$ denote the private key, $k_a$ denote the protection key of any private key, and (ZA, M) denote the authorization by which the legitimate user of $d_a$ establishes the key protection relationship. Formula 3 then yields the triple $(r_a, s_a, kw_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$, where $kw_a$ is the value of the locking calculation function. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, it is computed by formula 4.
Figure BDA0002719377320000041
Figure BDA0002719377320000042
The locking calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $f(k_a, e_a, r_a, s_a)$ and $f^{-1}(kw_a, e_a, r_a, s_a)$ are mutually inverse operations, each computable in polynomial time, including but not limited to:
Figure BDA0002719377320000043
Figure BDA0002719377320000044
Figure BDA0002719377320000045
$f(k_a, e_a, r_a, s_a) = k_a \cdot r_a \cdot \mathrm{sm3}(e_a) \bmod n$, and so on.
In the method for preventing identity authentication enumeration attacks, a third-party computing entity (hereinafter the support server) is added between the caller and the cipher, and the cooperation relationship shown in Fig. 1 is established. After the cipher enters the locked state using formula 3, let $d_s$ denote the support server's private key and $(PS_x, PS_y)$ denote the public key corresponding to $d_s$; solving formula 5 yields the quintuple $(W, r_b, s_b, r_a, s_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, formula 6 is computed with the assistance of the support server, and then formula 4 is computed.
Figure BDA0002719377320000046
$kw_a \equiv (s_b + r_b)^{-1} \cdot (k_b - s_b) \bmod n$ (formula 6)
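The relationship that the association method and formula 6 rely on, as an added example (not code from the patent): in SM2 signing, s = (1+d)^-1·(k − r·d) mod n, so (r, s) together with either of k or d determines the other, and a d shared by caller and cipher lets either side produce a valid signature, which is why the quadruple convinces the cipher but no third party. Assumptions: SHA-256 stands in for SM3, ZA is treated as an opaque byte string, and all function names and sample values are constructed for this illustration.

```python
import hashlib


def hexint(s):
    """Parse a space-grouped hex string into an int."""
    return int(s.replace(" ", ""), 16)


# SM2 recommended curve y^2 = x^3 + A*x + B over GF(P); G has prime order N.
P = hexint("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF 00000000 FFFFFFFF FFFFFFFF")
A = P - 3
B = hexint("28E9FA9E 9D9F5E34 4D5A9E4B CF6509A7 F39789F5 15AB8F92 DDBCBD41 4D940E93")
N = hexint("FFFFFFFE FFFFFFFF FFFFFFFF FFFFFFFF 7203DF6B 21C6052B 53BBF409 39D54123")
G = (hexint("32C4AE2C 1F198119 5F990446 6A39C994 8FE30BBF F2660BE1 715A4589 334C74C7"),
     hexint("BC3736A2 F4F6779C 59BDCEE3 6B692153 D0A9877C C62A4740 02DF32E5 2139F0A0"))


def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k //= 2
    return acc


def digest(za, m):
    # Assumption: SHA-256 replaces e = SM3(ZA || M), since hashlib may lack SM3.
    return int.from_bytes(hashlib.sha256(za + m).digest(), "big")


def sm2_sign(d, k, e):
    """SM2 signing equations with an explicit nonce k so the relation is visible."""
    x1, _ = ec_mul(k, G)
    r = (e + x1) % N
    s = pow(1 + d, -1, N) * (k - r * d) % N
    if r == 0 or (r + k) % N == 0 or s == 0:
        raise ValueError("unusable nonce k, pick another")
    return r, s


def sm2_verify(pub, e, r, s):
    if r not in range(1, N) or s not in range(1, N):
        return False
    t = (r + s) % N
    if t == 0:
        return False
    pt = ec_add(ec_mul(s, G), ec_mul(t, pub))
    return pt is not None and (e + pt[0]) % N == r


def recover_d(k, r, s):
    """Same shape as formula 6: (s + r)^-1 * (k - s) mod n."""
    return pow((s + r) % N, -1, N) * (k - s) % N


def recover_k(d, r, s):
    """The converse direction: k = s + (r + s) * d mod n."""
    return (s + (r + s) * d) % N


def sample_scalar(label):
    # Constructed, reproducible value in [1, N-1]; a real system draws from a CSPRNG.
    return int.from_bytes(hashlib.sha256(label).digest(), "big") % (N - 1) + 1


def demo():
    d = sample_scalar(b"constructed negotiated d")   # held by caller AND cipher
    k = sample_scalar(b"constructed nonce k")
    pub = ec_mul(d, G)
    za = b"constructed-ZA"
    e = digest(za, b"constructed intention M")
    r, s = sm2_sign(d, k, e)                         # produced by the caller
    # The cipher holds the same d, so it can sign a message the caller never sent.
    e2 = digest(za, b"constructed message the caller never sent")
    r2, s2 = sm2_sign(d, sample_scalar(b"constructed cipher nonce"), e2)
    return {
        "caller_signature_accepted": sm2_verify(pub, e, r, s),
        "cipher_made_signature_accepted": sm2_verify(pub, e2, r2, s2),
        "signature_bound_to_message": not sm2_verify(pub, e2, r, s),
        "d_recovered_from_k": recover_d(k, r, s) == d,
        "k_recovered_from_d": recover_k(d, r, s) == k,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
```

Since (r, s) plus either of k or d yields the other, residual copies of any of these values have to be handled as key material.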
The quintuple $(W, r_b, s_b, r_a, s_a)$ is characterized in that the seven values $(px, py, k_b, r_b, s_b, r_a, s_a)$ from different sources are preserved simultaneously, of which at least the three values $(px, py, k_b)$ are protected by the support server's private key. The computation of W includes but is not limited to W = Sm2_encrpt(key=($PS_x$, $PS_y$), msg=$px \| py \| k_b$), W = Sm2_encrpt(key=($PS_x$, $PS_y$), msg=$px \| py \| k_b \| r_b \| s_b$), and the like.
The enhanced locking calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $fz(e_a, M, r_a, s_a)$ is any operation that is not invertible in polynomial time, including but not limited to: $fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M \| r_a \| s_a)$,
Figure BDA0002719377320000051
$fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M)$,
Figure BDA0002719377320000052
And the like.
Drawings
Fig. 1 is a structural relationship block diagram of a cryptographic module application framework according to an embodiment of the present invention.
Fig. 2 is a flowchart of the working process of "locking of the private key protection key to identity authentication" (local lock for short) according to an embodiment of the present invention.
Fig. 3 is a flowchart of the working process of "preventing identity authentication enumeration attacks" (network enhanced lock for short) according to an embodiment of the present invention.
Detailed Description
Embodiment: first, with reference to Fig. 1, the deniable authentication relationship is established among a caller, a cipher, and a support server that holds a specific private key.
According to the method for associating the private key with the private key protection key, a random number is selected as the protection key for any private key to be protected, and the quadruple (ZA, M, r, s) equivalently expresses the values of the private key and its protection key assigned to (k, d).
With reference to Fig. 2, according to the method for locking the private key protection key to identity authentication, formula 3 is used to compute the hard-to-crack triple $(r_a, s_a, kw_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$. When the legitimate user needs to use $d_a$, formula 4 is computed from the input (ZA, M).
Finally, with reference to Fig. 3, according to the method for preventing identity authentication enumeration attacks, formula 5 is computed with the aid of the support server's public key to obtain the enumeration-resistant quintuple $(W, r_b, s_b, r_a, s_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$. When the legitimate user needs to use $d_a$, (ZA, M) is input, formula 6 is computed with the aid of the support server's private key, and then formula 4 is computed.
By using the invention, a pure-software cryptographic module is constructed, and the key is hidden and protected by the local lock working process (locking of the private key protection key to identity authentication). It can be proved that: without enumerating ZA||M, the lowest cost of guessing the key protection key from the residual information $(r_a, s_a, kw_a)$ is equivalent to that of guessing the signature private key from an SM2 signature file.
With ZA||M unchanged, using a different key protection key each time yields a different hidden state of the cryptographic module's local lock each time.
With the key protection key unchanged, the lowest cost of guessing ZA||M from multiple pieces of residual information is equivalent to that of enumerating ZA||M using a single piece of residual information.
By using the invention, a pure-software cryptographic module is constructed, and the key is hidden and protected by the network enhanced lock working process described in [0029] and [0033]. It can be proved that:
After the network enhanced lock has run, the key protection key, the signature private key, the encryption private key, the symmetric key and the random number form a quintuple of mutually independent states, and their generation and selection processes have no mathematical connection.
From the caller client plus the client's residual programs and data (including the information in the software module plus the ZA||M value memorized by the client), the lowest cost of guessing the key protection key is equivalent to that of inferring the support server's SM2 private key $d_s$ from W.
From the support server's residual information, the lowest cost of guessing the key protection key $d_a$ is equivalent to that of guessing the SM2 private key $kw_a$ from (px, py).
From the caller client plus the server's residual programs and data (including the ZA||M value memorized by the client plus the server private key), the lowest cost of guessing the key protection key is equivalent to performing arithmetic division on SM2 elliptic curve points to obtain $k_a$ or $d_a$.
From the residual programs and data of the caller client, the caller and the server (including the ZA||M value memorized by the client but not the server private key), the lowest cost of guessing the key protection key is equivalent to obtaining the support server's SM2 private key $d_s$ by arithmetic division on SM2 elliptic curve points or under known-plaintext conditions.

Claims (5)

1. A cryptographic algorithm private key protection method based on a repudiation authentication relationship is characterized by comprising the following steps: a repudiation authentication method of an asymmetric cryptographic algorithm (SM2), a private key and private key protection key association method, a locking method of the private key protection key and identity authentication, and a method for preventing identity authentication enumeration attack;
the SM2 repudiation authentication method is used to establish a new mathematical relationship between the issuer of a cryptographic algorithm calculation task (caller for short) and the executor that directly uses the private key to perform the cryptographic algorithm calculation (cipher for short); the method for associating the private key and the private key protection key is used to establish an unpredictable mathematical relationship between the protected private key and the private key protection key;
the method for locking the private key protection key to identity authentication is used to extract the private key protection key from the mathematical relationship between the private key and the private key protection key by means of the identity identifier and the authentication information;
the method for preventing identity authentication enumeration attacks is used to identify and block attempts to enumerate the identity identifier and the authentication information.
2. The deniable authentication method of SM2 according to claim 1, wherein the deniable authentication method is based on the mathematical relationship (formula 1) among the signature private key d, the signature value (r, s) and the random number k of the signature computation in the SM2 digital signature technique; let d be the random number negotiated between the caller and the cipher, and the cipher can confirm that the digital signature quadruple (ZA, M, r, s) truly represents the intention M of caller ZA, but cannot prove this to any third party;
Figure FDA0002719377310000011
callers include, but are not limited to: a user of the cryptographic module, application software that calls the cryptographic module, service software that calls the cryptographic module, a program component that calls the cryptographic module, and the like;
the cipher includes, but is not limited to: a cryptographic algorithm executable, a cryptographic algorithm program component, a software cryptographic module, a cryptographic chip, a cryptographic module, a card-type cryptographic machine, a server cryptographic machine, and the like;
negotiated random numbers include, but are not limited to: a random number negotiated using the RSA algorithm, a random number negotiated using the SM2 algorithm, a random number negotiated using the DH method, a random number negotiated using Chebyshev polynomials, and the like.
3. The method for associating a private key with a private key protection key according to claim 1, wherein the association method is based on the mathematical relationship (formula 2) among the base point G, the signature private key d, the signature value (r, s), the random number k of the signature computation, the signer identity ZA and the message M to be signed in the SM2 digital signature technique; any private key and its protection key are assigned to (k, d), and the signature value (r, s) is taken as an equivalent expression of the mathematical relationship between (k, d); combined with the (ZA, M) used in computing (r, s), the quadruple (ZA, M, r, s) equivalently expresses the values of the private key and its protection key assigned to (k, d).
Figure FDA0002719377310000021
4. The method of claim 1, wherein the locking method uses a locking calculation function and is based on the SM2 digital signature technique; let $d_a$ denote the private key, $k_a$ denote the protection key of any private key, and (ZA, M) denote the authorization by which the legitimate user of $d_a$ establishes the key protection relationship; formula 3 then yields the triple $(r_a, s_a, kw_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$, where $kw_a$ is the value of the locking calculation function. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, it is computed according to formula 4;
Figure FDA0002719377310000022
Figure FDA0002719377310000023
the locking calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $f(k_a, e_a, r_a, s_a)$ and $f^{-1}(kw_a, e_a, r_a, s_a)$ are mutually inverse operations, each computable in polynomial time, including but not limited to:
Figure FDA0002719377310000024
Figure FDA0002719377310000025
Figure FDA0002719377310000026
and the like.
5. The method as claimed in claim 1, wherein a third-party computing entity (hereinafter the support server) is added between the caller and the cipher to establish the cooperation relationship shown in Fig. 1. After the cipher enters the locked state using formula 3, let $d_s$ denote the support server's private key and $(PS_x, PS_y)$ denote the public key corresponding to $d_s$; formula 5 is solved using the enhanced locking calculation function to obtain the quintuple $(W, r_b, s_b, r_a, s_a)$, which equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the value of $(k_a, d_a)$. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, formula 6 is computed with the assistance of the support server, and then formula 4 is computed;
Figure FDA0002719377310000031
$kw_a \equiv (s_b + r_b)^{-1} \cdot (k_b - s_b) \bmod n$ (formula 6)
The quintuple $(W, r_b, s_b, r_a, s_a)$ is characterized in that the seven values $(px, py, k_b, r_b, s_b, r_a, s_a)$ from different sources are preserved simultaneously, of which at least the three values $(px, py, k_b)$ are protected by the support server's private key; the computation of W includes but is not limited to W = Sm2_encrpt(key=($PS_x$, $PS_y$), msg=$px \| py \| k_b$), W = Sm2_encrpt(key=($PS_x$, $PS_y$), msg=$px \| py \| k_b \| r_b \| s_b$), etc.;
the enhanced locking calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $fz(e_a, M, r_a, s_a)$ is any operation that is not invertible in polynomial time, including but not limited to: $fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M \| r_a \| s_a)$,
Figure FDA0002719377310000032
Figure FDA0002719377310000033
And the like.
CN202011083060.6A 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship Active CN112235115B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011083060.6A CN112235115B (en) 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011083060.6A CN112235115B (en) 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship

Publications (2)

Publication Number Publication Date
CN112235115A true CN112235115A (en) 2021-01-15
CN112235115B CN112235115B (en) 2023-05-12

Family

ID=74112090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011083060.6A Active CN112235115B (en) 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship

Country Status (1)

Country Link
CN (1) CN112235115B (en)


Also Published As

Publication number Publication date
CN112235115B (en) 2023-05-12


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant