WO2009143766A1 - Method, system for distributing key and method, system for online updating public key - Google Patents


Publication number
WO2009143766A1
WO2009143766A1 PCT/CN2009/071979 CN2009071979W WO2009143766A1 WO 2009143766 A1 WO2009143766 A1 WO 2009143766A1 CN 2009071979 W CN2009071979 W CN 2009071979W WO 2009143766 A1 WO2009143766 A1 WO 2009143766A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
entity
distribution center
public key
public
Application number
PCT/CN2009/071979
Other languages
French (fr)
Chinese (zh)
Inventor
铁满霞
曹军
赖晓龙
黄振海
Original Assignee
西安西电捷通无线网络通信有限公司
Application filed by 西安西电捷通无线网络通信有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • The present invention relates to the field of information security technologies, and in particular to a key distribution method and system and a method and system for updating a public key online.
  • Background art
  • Key management is one of the key technologies when secure communication between communication network entities is required.
  • Small networks can share a key between each pair of users, but this is not feasible in large networks.
  • In a system with N users, achieving secure communication between any two users in the network requires generating and allocating N(N-1)/2 keys.
  • A centralized key management method is usually adopted, in which a trusted online server acts as a key distribution center (KDC, Key Distribution Center) or a key transfer center (KTC, Key Transportation Center).
  • In one prior-art scheme, the first entity A requests the key distribution center to distribute the key used for communication with the second entity B, and the key distribution center generates k and transmits it to the first entity A and the second entity B, respectively. The transfer is implemented with encryption under the pre-shared key between the key distribution center and A and the pre-shared key between the key distribution center and B.
  • In a second scheme, the first entity A requests the key distribution center to distribute the key used for communication with the second entity B; the key distribution center generates k and passes it to the first entity A, and k is forwarded to the second entity B through A. The transfer is implemented with encryption under the pre-shared keys between the key distribution center and A and between the key distribution center and B, respectively.
  • In a third scheme, the first entity A transmits the key k for communication with the second entity B to the key transfer center, and the key transfer center transfers it to the second entity B. The transfer is implemented with encryption under the pre-shared keys between the key transfer center and A and between the key transfer center and B, respectively.
  • In FIG. 4, the first entity A transmits the key k for communication with the second entity B to the key transfer center, and the key transfer center then forwards it to the second entity B through A. The transfer is implemented with encryption under the pre-shared keys between the key transfer center and A and between the key transfer center and B, respectively.
  • With these methods, each pair of entities can use a new communication key for each communication, but each user needs to keep, for a long time, a secret management key shared with the key distribution center or key transfer center.
  • The key distribution center and the key transfer center not only need to store a huge number of secret management keys but also bear a large security risk, because a problem there directly threatens the security of the entire system. In addition, the above key distribution methods do not provide perfect forward secrecy (PFS) of the key.
  • Embodiments of the present invention provide a key distribution method and an online update method, which reduce system key management complexity and support online update of a trusted third party's public key.
  • The key distribution center receives a key request message sent by the first entity before secure communication is performed or when the communication session key needs to be updated, where the key request message includes the first temporary public key of the first entity; the key distribution center also receives a key request message sent by the second entity, where the key request message includes the second temporary public key of the second entity;
  • The key distribution center generates a communication session key for use between the entities. It encrypts the communication session key using the first temporary public key of the first entity, calculates a signature using the private key of the key distribution center, and transmits the signature and the encrypted communication session key to the first entity in a key response message. It likewise encrypts the communication session key using the second temporary public key of the second entity, calculates a signature using the private key of the key distribution center, and transmits the signature and the encrypted communication session key to the second entity in a key response message;
  • After receiving the key response message, the first entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
  • After receiving the key response message, the second entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
  • A method for updating a public key online includes the following steps:
  • The key distribution center receives a public key request message sent by an entity, where the public key request message includes a random number generated by the entity;
  • After receiving the public key request message, the key distribution center returns a public key response message, which includes the random number generated by the entity, the new public key of the key distribution center, and a signature made using the old private key of the key distribution center.
  • After receiving the public key response message, the entity verifies whether the random number is the same as the random number contained in the public key request message it sent, and uses the locally saved public key to verify whether the signature is correct; if the verification passes, it updates the locally stored public key with the new public key.
  • The embodiment of the invention further provides a key distribution method that updates the public key online, comprising the following steps:
  • The first entity generates a temporary public-private key pair and sends a key request message to the key distribution center, where the message includes the temporary public key of the first entity and the locally stored public key of the key distribution center;
  • After receiving the key request message sent by the first entity, the key distribution center generates a communication session key between the first entity and the second entity and encrypts the communication session key with the temporary public key of the first entity to form the ciphertext of the first entity. It then determines whether the public key of the key distribution center carried in the key request message is the old public key or the new public key. If it is the old public key, the ciphertext of the first entity, the new public key of the key distribution center and a signature are returned to the first entity in a key response message, where the signature is calculated with the old private key of the key distribution center over the fields of the key response message other than the signature. If it is the new public key, the ciphertext of the first entity and a signature are returned to the first entity in a key response message, where the signature is calculated with the new private key of the key distribution center over the fields of the key response message other than the signature;
  • After receiving the key response message, the first entity performs signature verification using the locally stored public key of the key distribution center. After the verification passes, if the key response message includes the new public key of the key distribution center, the locally stored public key is updated; the first entity then decrypts with its temporary private key to obtain the communication session key;
  • The second entity generates a temporary public-private key pair and sends a key request message to the key distribution center, where the message includes the temporary public key of the second entity and the locally stored public key of the key distribution center;
  • After receiving the key request message sent by the second entity, the key distribution center encrypts the communication session key with the temporary public key of the second entity to form a second ciphertext, and determines whether the public key of the key distribution center carried in the key request message is the old public key or the new public key. If it is the old public key, the ciphertext of the second entity, the new public key of the key distribution center and a signature are returned to the second entity in a key response message, where the signature is calculated with the old private key of the key distribution center over the fields of the key response message other than the signature. If it is the new public key, the ciphertext of the second entity and a signature are returned to the second entity in a key response message, where the signature is calculated with the new private key of the key distribution center over the fields of the key response message other than the signature;
  • After receiving the key response message, the second entity performs signature verification using the locally stored public key of the key distribution center. After the verification passes, if the key response message includes the new public key of the key distribution center, the locally stored public key is updated; the second entity then decrypts with its temporary private key to obtain the communication session key.
  • A first entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the first entity to the key distribution center, and receive a key response message from the key distribution center; a second entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the second entity to the key distribution center, and receive a key response message from the key distribution center; and a key distribution center, configured to respond to the key requests of the first entity and the second entity, generate a communication session key for the entities and encrypt the communication session key, calculate a signature using the private key of the key distribution center, and send the signature and the encrypted communication session key to the first entity and the second entity in key response messages;
  • After receiving the key response message, the first entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
  • After receiving the key response message, the second entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
  • The embodiment of the invention further provides a system for implementing online update of a public key, including:
  • An entity, configured to generate a random number, send a public key request message containing the generated random number to the key distribution center, and receive a public key response message from the key distribution center;
  • The public key response message includes the random number generated by the entity, the new public key of the key distribution center, and a signature made using the old private key of the key distribution center;
  • The entity verifies that the random number in the public key response message is the same as the random number it generated, and uses the locally saved public key to verify whether the signature is correct. If the verification succeeds, the locally stored public key is updated with the new public key.
  • The invention is based on the principle of ternary peer-to-peer authentication (TePA) and adopts public key cryptography: the key distribution center (KDC) distributes keys to the entities that need to communicate, which realizes secure distribution and dynamic update of communication keys with perfect forward secrecy (PFS).
  • This solves the problems that a traditional key distribution center needs to manage a large number of keys, that the user needs to store a long-term secret key, and that the communication key does not have forward secrecy. The invention also supports online update of the public key of the key distribution center (KDC), which improves security and reliability.
  • FIGS. 1 to 4 are schematic diagrams of key distribution methods based on a key distribution center or a key transfer center in the prior art;
  • FIG. 5 is a diagram of a key distribution method in an embodiment of the present invention;
  • FIG. 6 is a diagram of a method for updating a public key online according to an embodiment of the present invention.
  • Detailed description
  • The key distribution center has a public-private key pair x and Px.
  • The communication entity should obtain the public key Px of the key distribution center before communication and store it locally.
  • The communication session key is obtained through the key distribution protocol.
  • The key distribution method using public key cryptography is as follows:
  • The first entity A generates a temporary public-private key pair a and Pa and sends a key request message to the key distribution center; the key request message contains the temporary public key Pa of the first entity A;
  • After receiving the key request message sent by the first entity A, the key distribution center generates a communication session key k between the first entity A and the second entity B. The key distribution center encrypts the communication session key k with the temporary public key Pa of the first entity A, calculates its signature using the private key x of the key distribution center, and returns the signature and the encrypted communication session key to the first entity A in a key response message;
  • After receiving the key response message, the first entity A performs signature verification using the locally stored public key Px of the key distribution center; after the verification passes, it decrypts with the temporary private key a of the first entity A to obtain the communication session key k;
  • The second entity B generates a temporary public-private key pair b and Pb and sends a key request message to the key distribution center; the message contains the temporary public key Pb of the second entity B;
  • After receiving the key request message sent by the second entity B, the key distribution center encrypts the communication session key k between the first entity A and the second entity B with the temporary public key Pb of the second entity B, calculates its signature using the private key x of the key distribution center, and returns the signature and the encrypted communication session key to the second entity B in a key response message;
  • After receiving the key response message, the second entity B performs signature verification using the locally stored public key Px of the key distribution center; after the verification passes, it decrypts with the temporary private key b of the second entity B to obtain the communication session key k;
  • The first entity A and the second entity B perform secure communication using the communication session key k as a session key.
  • The first entity A and the second entity B do not need to store their temporary public-private key pairs and may delete them promptly. When confidential communication is next started, or when the communication session key needs to be updated during confidential communication, each entity generates a new temporary public-private key pair, sends a key request message to the key distribution center, and repeats the above steps to obtain a new session key.
  • The key request message and the key response message carry security parameters, and the encryption parameters, working mode, and working parameters are determined by negotiation using the carried security parameters.
  • Information about the counterpart entity is carried in the key request messages sent by the first entity A and the second entity B to the key distribution center, and the first entity and the second entity each determine the identity of the other party based on that information.
  • The key distribution method using the public key cryptography technique of the present invention can be extended to applications that require a secret communication session key between three or more entities for each communication.
  • An embodiment of the present invention further provides a system for implementing key distribution, including:
  • A first entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the first entity to the key distribution center, and receive a key response message from the key distribution center; a second entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the second entity to the key distribution center, and receive a key response message from the key distribution center; and a key distribution center, configured to respond to the key requests of the first entity and the second entity, generate a communication session key for the entities and encrypt the communication session key with the temporary public key of each entity, calculate a signature using the private key of the key distribution center, and send the signature and the encrypted communication session key to the first entity and the second entity in key response messages;
  • After receiving the key response message, the first entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
  • After receiving the key response message, the second entity performs signature verification using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
  • The system for implementing key distribution may have one or more other entities that communicate with the first entity and/or the second entity.
  • The other one or more entities are each configured to generate a temporary public-private key pair, send a key request message containing the respective temporary public key to the key distribution center, and receive a key response message from the key distribution center;
  • The key distribution center separately encrypts the communication session key with the temporary public key of each of the other one or more entities, calculates a signature using the private key of the key distribution center, and sends the signature and the encrypted communication session key to the other one or more entities in respective key response messages;
  • After receiving the key response message, the other one or more entities perform signature verification using the locally stored public key of the key distribution center; after the verification passes, they decrypt with the temporary private key to obtain the communication session key.
  • The public-private key pair of the key distribution center needs to be updated periodically or dynamically, and the new public-private key pair is denoted x' and Px', where the new public key Px' online notification
  • The entity sends a public key request message to the key distribution center;
  • The public key request message contains a random number r generated by the entity;
  • After receiving the public key request message, the key distribution center returns a public key response message; the public key response message includes the random number r generated by the entity, the new public key Px' of the key distribution center, and a signature made with the old private key x of the key distribution center;
  • After receiving the public key response message, the entity verifies whether the random number is the same as the random number r contained in the public key request message it sent, and uses the locally saved public key Px to verify whether the signature is correct; if the verification passes, it updates the locally stored public key with the new public key Px'.
  • Each entity obtains the new public key through the above steps.
  • The public key request message further includes the public key of the key distribution center stored locally by the entity.
  • The key distribution center determines whether the public key of the key distribution center carried in the request is the old public key Px or the new public key Px'. If it is the new public key Px', the message is directly discarded. If it is the old public key Px, the public key response message is returned.
  • Where the key distribution center needs to know whether each entity has obtained the new public key, the entity sends a public key update confirmation message to the key distribution center after receiving the public key response message and verifying it successfully.
  • the present invention also provides a key distribution method for updating a public key online, and adding a public key update function in the above key distribution method, the steps of which are as follows:
  • the first entity A generates a pair of temporary public-private key pairs a and Pa, and sends a key request message to the key distribution center, the message including the temporary public key Pa of the first entity A and the publicly stored key distribution center Key
  • the key distribution center After receiving the key request message sent by the first entity A, the key distribution center generates a communication session key k between the first entity A and the second entity B, and the key distribution center uses the first entity A.
  • the temporary public key Pa encrypts the communication session key k to form the ciphertext cl of the first entity A, and determines whether the public key of the key distribution center carried in the key request message is the old public key Px or the new public key ⁇ ', if it is old
  • the public key Px returns the ciphertext cl, the new public key Px of the key distribution center, and the signature constituting key response message to the first entity A, wherein the signature is the old private key X pair key using the key distribution center In the response message, the field other than the signature is calculated; if it is the new public key Px, the ciphertext cl and the signature-constituting key response message are returned to the first entity A, wherein the signature is a new one using the key distribution center
  • the first entity A After receiving the key response message, the first entity A performs signature verification using the public key of the locally stored key distribution center. After the verification is passed, if the key response message includes the new key of the key distribution center Key Px,, then perform local storage update, and then use the temporary private key a of the first entity A to decrypt to obtain the communication session key k;
  • the second entity B generates a pair of temporary public-private key pairs b and Pb, and sends a key request message to the key distribution center, the message including the public key Pb of the temporary second entity B and the publicly stored key distribution center Key
  • the key distribution center After receiving the key request message sent by the second entity B, the key distribution center encrypts the communication session key k between the first entity A and the second entity B by using the temporary public key Pb of the second entity B.
  • the ciphertext c2 of the second entity B is formed to determine whether the public key of the key distribution center carried in the key request message is the old public key Px or the new public key Px, and if it is the old public key Px, the ciphertext c2 is obtained.
  • the new public key Px of the key distribution center and the signature-constituting key response message are returned to the second entity B, wherein the signature is the old private key X of the key distribution center, and the other fields other than the signature in the key response message If the new public key Px is obtained, the ciphertext c2 and the signature constituting key response message are returned to the second entity B, where the signature is a new private key x using the key distribution center, and the key response message is used. Fields other than signatures are calculated;
  • the second entity B After receiving the key response message, the second entity B performs signature verification by using the public key of the locally stored key distribution center. After the verification is passed, if the key response message includes the new public key Px of the key distribution center, Then performing local storage update, and then decrypting the temporary session private key b of the second entity B to obtain the communication session key k;
  • the first entity A and the second entity B perform secure communication using the communication session key k as a session key.
  • the first entity A and the second entity B do not need to store their temporary public-private key pairs and may delete them when appropriate. The next time secure communication starts, or when the communication session key needs to be updated during secure communication, each regenerates a temporary public-private key pair, sends a key request message to the key distribution center, and repeats the above steps to obtain a new session key.
  • the key request message and the key response message may carry security parameters, and use the carried security parameters to negotiate to determine an encryption algorithm, a working mode, and a working parameter.
  • the key request message sent by the first entity A and the second entity B to the key distribution center may carry the information of the counterpart entity.
  • the key distribution method with online public key update of the present invention can be extended to three or more entities for each communication.
  • the embodiment of the invention further provides a system for implementing online update of a public key, including:
  • an entity configured to generate a random number, send a public key request message containing the generated random number to the key distribution center, and receive the public key response message of the key distribution center;
  • the key distribution center, which receives the public key request message sent by the entity and returns a public key response message to the entity, where the public key response message includes the random number generated by the entity, the new public key of the key distribution center, and a signature made with the old private key of the key distribution center.
  • the entity verifies that the random number in the public key response message is the same as the random number generated by the entity, and uses the locally saved public key to verify whether the signature is correct. If the verification succeeds, the locally stored public key is updated with the new public key.
  • before the entity sends a public key request message to the key distribution center, the key distribution center first issues a public key update notification to each entity.
  • the public key request message further includes the public key of the key distribution center stored locally by the entity; the key distribution center further includes:
  • a judging module configured to determine whether the public key of the key distribution center carried in the public key request message is the old public key or the new public key;
  • a processing module configured to discard the message directly if the judging module determines that the carried public key of the key distribution center is the new public key, and to inform the entity through the public key response message if it determines that the carried public key is the old public key.
  • the modules (functions) or steps of the present invention described above can be implemented by a general-purpose computing device, and can be centralized on a single computing device or distributed across multiple computing devices.
  • they may be implemented by program code executable by the computing device, so that they may be stored in a storage device and executed by the computing device; or they may be fabricated separately as individual integrated circuit modules, or multiple modules (functions) or steps among them may be implemented as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.

Abstract

A method for distributing a key includes the following: each time before secure communication is performed, or when a communication session key needs to be updated, a key distribution center receives a key request message sent by an entity and generates a communication session key for use between entities; the communication session key is encrypted using a temporary public key of the entity, its signature is calculated using a private key of the key distribution center, and the signature and the encrypted communication session key are sent to the entity; after the entity receives the key response message, it verifies the signature using the locally stored public key of the key distribution center; after the signature verification passes, the entity obtains the communication session key by decrypting with its temporary private key. The invention also provides a corresponding system for key distribution, and a system and method for updating a public key online. The invention achieves secure distribution and dynamic update of the communication key, provides forward secrecy, and supports online update of the public key of the key distribution center, thereby improving the reliability of communication security.

Description

Method and system for key distribution, and method and system for updating a public key online

This application claims priority to Chinese Patent Application No. 200810018298.3, filed with the Chinese Patent Office on May 26, 2008 and entitled "Key distribution using public key cryptography and online update method for its public key", the entire contents of which are incorporated herein by reference.

Technical field

The present invention relates to the field of information security technologies, and in particular to a key distribution method and system and a method and system for updating a public key online.

Background
When secure communication is required between communication network entities, key management is one of the key technologies. A small network can have each pair of users share one key, but this is not feasible in a large network. In a system with N users, N(N-1)/2 keys must be generated and distributed to enable secure communication between any two users in the network. As the system grows, the complexity increases sharply: a network with N = 1000 needs about 500,000 keys to be distributed, stored and so on. To reduce this complexity, centralized key management is usually adopted, in which a trusted online server acts as a key distribution center (KDC, Key Distribution Center) or key transfer center (KTC, Key Transportation Center). Figures 1-4 show several common basic modes, where k is the communication session key between the first entity A and the second entity B.
In Figure 1, the first entity A asks the key distribution center to distribute the key used for communicating with the second entity B; the key distribution center generates k and delivers it to the first entity A and to the second entity B, with each delivery encrypted under the key pre-shared between the key distribution center and A or between the key distribution center and B respectively. In Figure 2, the first entity A asks the key distribution center to distribute the key used for communicating with the second entity B; the key distribution center generates k and delivers it to the first entity A, and it is forwarded through A to the second entity B, with the delivery and the forwarding encrypted under the keys pre-shared between the key distribution center and A and between the key distribution center and B respectively.
In Figure 3, the first entity A sends the communication key k for use with the second entity B to the key transfer center, which passes it on to the second entity B, with each delivery encrypted under the key pre-shared between the key transfer center and A or between the key transfer center and B respectively. In Figure 4, the first entity A sends the communication key k for use with the second entity B to the key transfer center, which forwards it through A to the second entity B, with the delivery and the forwarding encrypted under the keys pre-shared between the key transfer center and A and between the key transfer center and B respectively.
Because a key distribution center or key transfer center takes part, each pair of entities can use a new communication key for every communication. However, each user must keep a secret management key, shared with the key distribution center or key transfer center, that is used over a relatively long period. The key distribution center or key transfer center not only has to store a very large number of secret management keys but also carries a considerable security risk, because any problem with it directly threatens the security of the whole system. Moreover, none of these key distribution methods provides perfect forward secrecy (PFS) for the keys.

Summary of the invention
Embodiments of the present invention provide a key distribution method and an online update method that reduce the complexity of system key management and support online update of the public key of a trusted third party.
A key distribution method provided by an embodiment of the present invention includes the following steps:
Each time before secure communication is performed, or when the communication session key needs to be updated, the key distribution center receives a key request message sent by the first entity, the key request message containing the first temporary public key of the first entity; the key distribution center receives a key request message sent by the second entity, the key request message containing the second temporary public key of the second entity;
The key distribution center generates a communication session key for use between the entities, encrypts the communication session key using the first temporary public key of the first entity, calculates its signature using the private key of the key distribution center, and sends the signature and the encrypted communication session key to the first entity in a key response message; it encrypts the communication session key using the second temporary public key of the second entity, calculates its signature using the private key of the key distribution center, and sends the signature and the encrypted communication session key to the second entity in a key response message;
After receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
After receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
A method for updating a public key online, provided by an embodiment of the present invention, includes the following steps:
The key distribution center receives a public key request message sent by an entity, the public key request message containing a random number generated by the entity;
After receiving the public key request message, the key distribution center returns a public key response message, which contains the random number generated by the entity, the new public key of the key distribution center, and a signature made with the old private key of the key distribution center;
After receiving the public key response message, the entity verifies whether the random number in it is the same as the random number contained in the public key request message the entity sent, and uses the locally saved public key to verify whether the signature is correct; if the verification passes, it updates the locally stored public key with the new public key.
An embodiment of the present invention further provides a key distribution method that supports online update of the public key, including the following steps:
The first entity generates a temporary public-private key pair and sends a key request message to the key distribution center, the message containing the temporary public key of the first entity and the locally stored public key of the key distribution center;
After receiving the key request message sent by the first entity, the key distribution center generates a communication session key between the first entity and the second entity, and encrypts the communication session key using the temporary public key of the first entity to form the ciphertext of the first entity. It determines whether the public key of the key distribution center carried in the key request message is the old public key or the new public key. If it is the old public key, the ciphertext of the first entity, the new public key of the key distribution center and a signature are returned to the first entity in a key response message, where the signature is calculated with the old private key of the key distribution center over the fields of the key response message other than the signature. If it is the new public key, the ciphertext of the first entity and a signature are returned to the first entity in a key response message, where the signature is calculated with the new private key of the key distribution center over the fields of the key response message other than the signature;
After receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center. After the verification passes, if the key response message contains the new public key of the key distribution center, the first entity updates its local storage, and then decrypts with its temporary private key to obtain the communication session key;
The second entity generates a temporary public-private key pair and sends a key request message to the key distribution center, the message containing the temporary public key of the second entity and the locally stored public key of the key distribution center;
After receiving the key request message sent by the second entity, the key distribution center encrypts the communication session key using the temporary public key of the second entity to form the second ciphertext, and determines whether the public key of the key distribution center carried in the key request message is the old public key or the new public key. If it is the old public key, the ciphertext of the second entity, the new public key of the key distribution center and a signature form the key response message returned to the second entity, where the signature is calculated with the old private key of the key distribution center over the fields of the key response message other than the signature. If it is the new public key, the ciphertext of the second entity and a signature are returned to the second entity in a key response message, where the signature is calculated with the new private key of the key distribution center over the fields of the key response message other than the signature;
After receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center. After the verification passes, if the key response message contains the new public key of the key distribution center, the second entity updates its local storage, and then decrypts with its temporary private key to obtain the communication session key.
A system for implementing key distribution, provided by an embodiment of the present invention, includes:
A first entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the first entity to the key distribution center, and receive the key response message of the key distribution center;
A second entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the second entity to the key distribution center, and receive the key response message of the key distribution center;
A key distribution center, configured to respond to the key requests of the first entity and the second entity; generate a communication session key for use between the entities and encrypt the communication session key; calculate its signature using the private key of the key distribution center; and send the signature and the encrypted communication session key to the first entity and the second entity in key response messages;
After receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
After receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
An embodiment of the present invention further provides a system for implementing online update of a public key, including:
An entity, configured to generate a random number, send a public key request message containing the generated random number to the key distribution center, and receive the public key response message of the key distribution center;
A key distribution center, which receives the public key request message sent by the entity and returns a public key response message to the entity, the public key response message containing the random number generated by the entity, the new public key of the key distribution center, and a signature made with the old private key of the key distribution center;
The entity verifies whether the random number in the public key response message is the same as the random number it generated, and uses the locally saved public key to verify whether the signature is correct; if the verification passes, it updates the locally stored public key with the new public key.
The present invention is based on the principle of tri-element peer authentication (TePA) and uses public key cryptography. The key distribution center KDC distributes keys to the entities that need to communicate, which achieves secure distribution and dynamic update of communication keys and provides perfect forward secrecy (PFS). This solves the problems that a traditional key distribution center has to manage a large number of keys, that users have to store long-term secret keys, and that the communication keys lack forward secrecy. The invention also supports online update of the public key of the key distribution center KDC, which improves security and reliability.

Brief description of the drawings

Figures 1-4 are schematic diagrams of prior-art key distribution methods based on a key distribution center or a key transfer center;
Figure 5 is a diagram of the key distribution method in an embodiment of the present invention;
Figure 6 is a diagram of the online public key update method in an embodiment of the present invention.

Detailed description
The key distribution center has a public-private key pair x and Px. Before communicating, each communication entity should obtain the public key Px of the key distribution center in advance and store it locally. When the first entity A and the second entity B need to communicate securely, they obtain the communication session key through the key distribution protocol.
Referring to Figure 5, the steps of the key distribution method using public key cryptography provided in the embodiment of the present invention are as follows:
1) The first entity A generates a temporary public-private key pair a and Pa, and sends a key request message to the key distribution center, the key request message containing the temporary public key Pa of the first entity A;
2) After receiving the key request message sent by the first entity A, the key distribution center generates the communication session key k between the first entity A and the second entity B. The key distribution center encrypts the communication session key k using the temporary public key Pa of the first entity A, calculates its signature using the private key x of the key distribution center, and returns the signature and the encrypted communication session key to the first entity A in a key response message;
3) After receiving the key response message, the first entity A verifies the signature using the locally stored public key Px of the key distribution center; after the verification passes, it decrypts with the temporary private key a of the first entity A to obtain the communication session key k;
4) The second entity B generates a temporary public-private key pair b and Pb, and sends a key request message to the key distribution center, the message containing the temporary public key Pb of the second entity B;
5) After receiving the key request message sent by the second entity B, the key distribution center encrypts the communication session key k between the first entity A and the second entity B using the temporary public key Pb of the second entity B, calculates its signature using the private key x of the key distribution center, and returns the signature and the encrypted communication session key to the second entity B in a key response message;
6) After receiving the key response message, the second entity B verifies the signature using the locally stored public key Px of the key distribution center; after the verification passes, it decrypts with the temporary private key b of the second entity B to obtain the communication session key k;
7) The first entity A and the second entity B communicate securely using the communication session key k as the session key.
The first entity A and the second entity B do not need to store their temporary public-private key pairs and may delete them when appropriate. The next time secure communication starts, or when the communication session key needs to be updated during secure communication, each regenerates a temporary public-private key pair, sends a key request message to the key distribution center, and repeats the above steps to obtain a new session key.
The key request message and the key response message carry security parameters, which are used to negotiate and determine the encryption algorithm, the working mode and the working parameters.
The key request messages sent by the first entity A and the second entity B to the key distribution center carry information about the counterpart entity; based on this information, the first entity and the second entity determine each other's identity.
The key distribution method using public key cryptography of the present invention can be extended to distributing secure communication session keys among three or more entities for each communication.
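The exchange of steps 1) to 7) above, as an added Go example that is not code from the patent. It assumes Ed25519 for the key distribution center's signature, RSA-OAEP for encryption under the temporary public key, and hypothetical From/Peer request fields (the counterpart information mentioned above) with which the center pairs the two requests; the page specifies none of these choices.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// KeyRequest (steps 1, 4): From/Peer are assumed fields; TempPub is Pa or Pb.
type KeyRequest struct {
	From, Peer string
	TempPub    *rsa.PublicKey
}

// KeyResponse (steps 2, 5): Signature is made with x over Ciphertext.
type KeyResponse struct{ Ciphertext, Signature []byte }

type KDC struct {
	priv    ed25519.PrivateKey // x
	Pub     ed25519.PublicKey  // Px, stored by every entity beforehand
	waiting map[string][]byte  // k held until the counterpart asks for it
}

func NewKDC() (*KDC, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &KDC{priv: priv, Pub: pub, waiting: map[string][]byte{}}, err
}

// Handle creates or looks up k, encrypts it under the temporary key, signs it.
func (c *KDC) Handle(req KeyRequest) (KeyResponse, error) {
	if req.TempPub == nil || req.TempPub.N == nil || req.TempPub.N.BitLen() < 2048 {
		return KeyResponse{}, errors.New("temporary key must be RSA, 2048 bits or more")
	}
	mine := req.From + "\x00" + req.Peer
	k, found := c.waiting[mine]
	if found {
		delete(c.waiting, mine) // second party served: the KDC forgets k
	} else {
		k = make([]byte, 32)
		if _, err := rand.Read(k); err != nil {
			return KeyResponse{}, err
		}
		c.waiting[req.Peer+"\x00"+req.From] = k // kept for the counterpart's request
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, req.TempPub, k, nil)
	if err != nil {
		return KeyResponse{}, err
	}
	return KeyResponse{Ciphertext: ct, Signature: ed25519.Sign(c.priv, ct)}, nil
}

type Entity struct {
	Name   string
	KDCPub ed25519.PublicKey // locally stored Px
	temp   *rsa.PrivateKey   // temporary private key a or b
}

// Request generates a fresh temporary key pair for every key request.
func (e *Entity) Request(peer string) (KeyRequest, error) {
	t, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return KeyRequest{}, err
	}
	e.temp = t
	return KeyRequest{From: e.Name, Peer: peer, TempPub: &t.PublicKey}, nil
}

// Accept verifies the signature with Px first and only then decrypts (steps 3, 6).
func (e *Entity) Accept(resp KeyResponse) ([]byte, error) {
	t := e.temp
	e.temp = nil // the temporary key pair is single use and is dropped here
	if t == nil || !ed25519.Verify(e.KDCPub, resp.Ciphertext, resp.Signature) {
		return nil, errors.New("no outstanding request or KDC signature invalid")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, t, resp.Ciphertext, nil)
}

func Obtain(c *KDC, e *Entity, peer string) ([]byte, error) {
	req, err := e.Request(peer)
	if err != nil {
		return nil, err
	}
	resp, err := c.Handle(req)
	if err != nil {
		return nil, err
	}
	return e.Accept(resp)
}

func main() {
	kdc, _ := NewKDC()
	ka, errA := Obtain(kdc, &Entity{Name: "A", KDCPub: kdc.Pub}, "B")
	kb, errB := Obtain(kdc, &Entity{Name: "B", KDCPub: kdc.Pub}, "A")
	fmt.Println("shared k:", errA == nil && errB == nil && bytes.Equal(ka, kb))
}
```

Because the signature covers only the ciphertext, as in the steps above, a response replayed from an earlier session still verifies but fails at decryption, since the temporary private key it was encrypted for has been discarded.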
An embodiment of the present invention further provides a system for implementing key distribution, including:
A first entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the first entity to the key distribution center, and receive the key response message of the key distribution center;
A second entity, configured to generate a temporary public-private key pair, send a key request message containing the temporary public key of the second entity to the key distribution center, and receive the key response message of the key distribution center;
A key distribution center, configured to respond to the key requests of the first entity and the second entity; generate a communication session key for use between the entities and encrypt the communication session key using the temporary public key of the entity; calculate its signature using the private key of the key distribution center; and send the signature and the encrypted communication session key to the first entity and the second entity in key response messages;
After receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
After receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
The system for implementing key distribution further has one or more other entities that communicate with the first entity and/or the second entity;
The other one or more entities are configured to each generate a temporary public-private key pair and send a key request message to the key distribution center, each request message containing the sender's temporary public key, and to receive the key response message of the key distribution center;
The key distribution center encrypts the communication session key separately using the temporary public key of each of the other one or more entities, calculates its signature using the private key of the key distribution center, and sends the signature and the encrypted communication session key to each of the other one or more entities in a key response message;
After receiving the key response message, each of the other one or more entities verifies the signature using the locally stored public key of the key distribution center; after the verification passes, it decrypts with its own first temporary private key to obtain the communication session key.
For security reasons, or to meet the needs of the communication service, the key distribution center's public/private key pair needs to be updated periodically or dynamically. The new private key and public key are denoted x' and Px' respectively. There are two methods for notifying each communicating entity of the new public key Px' online, as follows:
Referring to Figure 6, the stand-alone online update of the key distribution center's public key proceeds as follows:
1) The entity sends a public key request message to the key distribution center; the public key request message contains a random number r generated by the entity;
2) After receiving the public key request message, the key distribution center returns a public key response message; the public key response message contains the random number r generated by the entity, the key distribution center's new public key Px', and a signature made with the key distribution center's old private key x;
3) After receiving the public key response message, the entity checks whether the random number in it is the same as the random number r contained in the public key request message the entity sent, and uses the locally saved public key Px to verify whether the signature in it is correct; if verification passes, it updates the locally stored public key with the new public key Px' from the message.
In a specific application, the key distribution center first issues a public key update notification to each entity, after which each entity obtains the new public key through the above steps.
In a specific application, the public key request message also contains the key distribution center's public key as stored locally by the entity. After receiving the public key request message, the key distribution center determines whether the key distribution center public key it carries is the old public key Px or the new public key Px'; if it is the new public key Px', the message is discarded directly; if it is the old public key Px, the above public key response message is returned.
In a specific application, if the key distribution center needs to know whether each entity has obtained the new public key, the entity sends a public key update confirmation message to the key distribution center after it has received the public key response message and verification has passed.
The present invention also provides a key distribution method in which the public key can be updated online, which adds a public key update function to the key distribution method described above. Its steps are as follows:
1) The first entity A generates a temporary public/private key pair a and Pa and sends a key request message to the key distribution center; the message contains the first entity A's temporary public key Pa and the locally stored public key of the key distribution center;
2) After receiving the key request message from the first entity A, the key distribution center generates the communication session key k between the first entity A and the second entity B, and encrypts the communication session key k with the first entity A's temporary public key Pa to form the first entity A's ciphertext c1. It then determines whether the key distribution center public key carried in the key request message is the old public key Px or the new public key Px'. If it is the old public key Px, the key distribution center returns to the first entity A a key response message made up of the ciphertext c1, the key distribution center's new public key Px' and a signature, where the signature is computed with the key distribution center's old private key x over the fields of the key response message other than the signature. If it is the new public key Px', the key distribution center returns to the first entity A a key response message made up of the ciphertext c1 and a signature, where the signature is computed with the key distribution center's new private key x' over the fields of the key response message other than the signature;
3) After receiving the key response message, the first entity A verifies the signature using the locally stored public key of the key distribution center; once verification passes, if the key response message contains the key distribution center's new public key Px', it updates its local storage, and then decrypts with the first entity A's temporary private key a to obtain the communication session key k;
4) The second entity B generates a temporary public/private key pair b and Pb and sends a key request message to the key distribution center; the message contains the second entity B's temporary public key Pb and the locally stored public key of the key distribution center;
5) After receiving the key request message from the second entity B, the key distribution center encrypts the communication session key k between the first entity A and the second entity B with the second entity B's temporary public key Pb to form the second entity B's ciphertext c2. It then determines whether the key distribution center public key carried in the key request message is the old public key Px or the new public key Px'. If it is the old public key Px, the key distribution center returns to the second entity B a key response message made up of the ciphertext c2, the key distribution center's new public key Px' and a signature, where the signature is computed with the key distribution center's old private key x over the fields of the key response message other than the signature. If it is the new public key Px', the key distribution center returns to the second entity B a key response message made up of the ciphertext c2 and a signature, where the signature is computed with the key distribution center's new private key x' over the fields of the key response message other than the signature;
6) After receiving the key response message, the second entity B verifies the signature using the locally stored public key of the key distribution center; once verification passes, if the key response message contains the key distribution center's new public key Px', it updates its local storage, and then decrypts with the second entity B's temporary private key b to obtain the communication session key k;
7) The first entity A and the second entity B use the communication session key k as the session key for secure communication.
Neither entity A nor entity B needs to store its temporary public/private key pair, and each may delete it when appropriate. The next time secure communication starts, or when the communication session key needs to be updated during secure communication, each entity generates a new temporary public/private key pair, sends a key request message to the key distribution center and repeats the above steps to obtain a new session key.
The key request message and the key response message may carry security parameters; the carried security parameters are used to negotiate the encryption algorithm, working mode and working parameters.
The key request messages that the first entity A and the second entity B send to the key distribution center may carry information about the peer entity.
The key distribution method with online public key update of the present invention can be extended to distributing a secure-communication session key among three or more entities per communication.
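Added example (not code from the patent): a Go rendering of steps 1) to 7) above, including the rollover rule they share with the stand-alone update procedure, namely that a response carrying Px' is signed with the old private key x and is accepted only after it verifies under the stored Px. Ed25519 for the key distribution center's signature, RSA-OAEP for encrypting k, the two-byte length prefix in the signed data, the `tamper` hook and the error returned for an unrecognised public key are assumptions; the page names no algorithms or encodings.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// KDC holds the old pair (x, Px), the new pair (x', Px') and the session key k.
type KDC struct {
	oldPriv, newPriv ed25519.PrivateKey
	oldPub, newPub   ed25519.PublicKey
	k                []byte
}

// Response is the key response: ciphertext, signature, and Px' (nil if not sent).
type Response struct {
	Cipher, Sig []byte
	NewKDC      ed25519.PublicKey
}

// Entity persists only the KDC public key; temporary pairs are never stored.
type Entity struct{ kdcPub ed25519.PublicKey }

// NewKDC returns a KDC in mid-rollover with a random 32-byte session key.
func NewKDC() (*KDC, error) {
	oldPub, oldPriv, e1 := ed25519.GenerateKey(rand.Reader)
	newPub, newPriv, e2 := ed25519.GenerateKey(rand.Reader)
	k := make([]byte, 32)
	_, e3 := rand.Read(k)
	if e1 != nil || e2 != nil || e3 != nil {
		return nil, errors.New("key generation failed")
	}
	return &KDC{oldPriv, newPriv, oldPub, newPub, k}, nil
}

// signedFields serialises every response field except the signature.
func signedFields(c []byte, newPub ed25519.PublicKey) []byte {
	out := []byte{byte(len(c) >> 8), byte(len(c))} // 2-byte length prefix (assumed encoding)
	return append(append(out, c...), newPub...)
}

// Respond is steps 2 and 5: encrypt k, then sign with x (adding Px') or with x'.
func (d *KDC) Respond(tempPub *rsa.PublicKey, stored ed25519.PublicKey) (Response, error) {
	c, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, tempPub, d.k, nil)
	if err != nil {
		return Response{}, err
	}
	switch {
	case bytes.Equal(stored, d.oldPub): // requester still holds Px
		return Response{c, ed25519.Sign(d.oldPriv, signedFields(c, d.newPub)), d.newPub}, nil
	case bytes.Equal(stored, d.newPub): // requester already holds Px'
		return Response{c, ed25519.Sign(d.newPriv, signedFields(c, nil)), nil}, nil
	}
	// Assumption: the page does not say what happens for any other key.
	return Response{}, errors.New("request carries an unknown KDC key")
}

// Handle is steps 3 and 6: verify under the stored key, then accept Px', then decrypt.
func (e *Entity) Handle(temp *rsa.PrivateKey, r Response) ([]byte, error) {
	if !ed25519.Verify(e.kdcPub, signedFields(r.Cipher, r.NewKDC), r.Sig) {
		return nil, errors.New("KDC signature check failed")
	}
	if r.NewKDC != nil {
		e.kdcPub = r.NewKDC
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, temp, r.Cipher, nil)
}

// Round runs one exchange; tamper (may be nil) alters the response in transit.
func Round(e *Entity, d *KDC, tamper func(*Response)) ([]byte, error) {
	temp, err := rsa.GenerateKey(rand.Reader, 2048) // steps 1 and 4: fresh temporary pair
	if err != nil {
		return nil, err
	}
	resp, err := d.Respond(&temp.PublicKey, e.kdcPub)
	if err != nil {
		return nil, err
	}
	if tamper != nil {
		tamper(&resp)
	}
	return e.Handle(temp, resp) // temp goes out of scope here: nothing to store
}

func main() {
	d, err := NewKDC()
	if err != nil {
		panic(err)
	}
	a, b := &Entity{kdcPub: d.oldPub}, &Entity{kdcPub: d.oldPub}
	kA, errA := Round(a, d, nil)
	kB, errB := Round(b, d, nil)
	fmt.Println(bytes.Equal(kA, kB), bytes.Equal(a.kdcPub, d.newPub), errA, errB)
}
```

Because `Handle` checks the signature before it touches the stored key, a response whose Px' field was replaced in transit is rejected and the entity keeps Px.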
An embodiment of the present invention also provides a system for updating a public key online, comprising:
an entity, configured to generate a random number, send a public key request message containing the generated random number to the key distribution center, and receive the key distribution center's public key response message;
a key distribution center, which receives the public key request message sent by the entity and returns a public key response message to the entity, the public key response message containing the random number generated by the entity, the key distribution center's new public key, and a signature made with the key distribution center's old private key;
The entity checks whether the random number in the public key response message is the same as the random number the entity generated, and uses the locally saved public key to verify whether the signature in it is correct; if verification passes, it updates the locally stored public key with the new public key from the message.
Before the entity sends the public key request message to the key distribution center, the key distribution center first issues a public key update notification to each entity.
The public key request message also contains the key distribution center's public key as stored locally by the entity; the key distribution center further comprises:
a judging module, configured to determine whether the key distribution center public key carried in the public key request message is the old public key or the new public key;
a processing module, which discards the message directly if the judging module determines that the key distribution center public key is the new public key, and notifies the entity by means of the public key response message if it determines that the key distribution center public key is the old public key.
Obviously, those skilled in the art should understand that the modules (functions) or steps of the present invention described above can be implemented with general-purpose computing devices; they can be concentrated on a single computing device or distributed over a network of multiple computing devices. Optionally, they can be implemented with program code executable by a computing device, so that they can be stored in a storage device and executed by a computing device; or they can each be made into individual integrated circuit modules, or several of the modules (functions) or steps can be made into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above is only a preferred embodiment of the present invention and is not intended to limit its scope of protection. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims

1. A key distribution method, characterized by comprising the following steps:
each time before secure communication is carried out, or when the communication session key needs to be updated, the key distribution center receives a key request message sent by a first entity, the key request message containing a first temporary public key of the first entity; the key distribution center receives a key request message sent by a second entity, the key request message containing a second temporary public key of the second entity;
the key distribution center generates a communication session key for use between the entities, encrypts the communication session key with the first temporary public key of the first entity, computes a signature with the key distribution center's private key, and sends the signature and the encrypted communication session key to the first entity in a key response message; it encrypts the communication session key with the second temporary public key of the second entity, computes a signature with the key distribution center's private key, and sends the signature and the encrypted communication session key to the second entity in a key response message;
after receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
after receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
2. The key distribution method according to claim 1, characterized by further comprising:
each time before a key request message is sent to the key distribution center, the first entity provides a new temporary public/private key pair, namely the first temporary public key and the first temporary private key, and the second entity provides a new temporary public/private key pair, namely the second temporary public key and the second temporary private key.
3. The key distribution method according to claim 1, characterized in that the key request message and the key response message carry security parameters, the method further comprising:
using the carried security parameters to negotiate the encryption algorithm, working mode and working parameters.
4. The key distribution method according to claim 1, characterized in that the key request messages sent by the first entity and the second entity to the key distribution center carry information about the peer entity, and the first entity and the second entity determine each other's identity on the basis of the peer entity information.
5. The key distribution method according to claim 1, characterized in that the system has one or more other entities that communicate with the first entity and/or the second entity, the method further comprising:
encrypting the communication session key separately with the temporary public key of each of the other one or more entities;
computing a signature with the key distribution center's private key, and sending the signature and the encrypted communication session key to each of the other one or more entities in a key response message.
6. A method for updating a public key online, characterized by comprising the following steps:
the key distribution center receives a public key request message sent by an entity, the public key request message containing a random number generated by the entity;
after receiving the public key request message, the key distribution center returns a public key response message, the public key response message containing the random number generated by the entity, the key distribution center's new public key, and a signature made with the key distribution center's old private key;
after receiving the public key response message, the entity checks whether the random number in it is the same as the random number contained in the public key request message the entity sent, and uses the locally saved public key to verify whether the signature in it is correct; if verification passes, it updates the locally stored public key with the new public key from the message.
7. The method for updating a public key online according to claim 6, characterized in that, before the entity sends the public key request message to the key distribution center, the key distribution center first issues a public key update notification to each entity.
8. The online public key update method according to claim 6, characterized in that the public key request message also contains the key distribution center's public key as stored locally by the entity;
after receiving the public key request message, the key distribution center determines whether the key distribution center public key it carries is the old public key or the new public key; if it is the new public key, the message is discarded directly; if it is the old public key, the entity is notified by means of the public key response message.
9. The online public key update method according to claim 6, characterized by further comprising:
after updating the locally stored public key with the new public key, the entity sends a public key update confirmation message to the key distribution center.
10. A key distribution method in which the public key can be updated online, characterized by comprising the following steps:
a first entity generates a temporary public/private key pair and sends a key request message to the key distribution center, the message containing the first entity's temporary public key and the locally stored public key of the key distribution center;
after receiving the key request message from the first entity, the key distribution center generates a communication session key between the first entity and a second entity, and encrypts the communication session key with the first entity's temporary public key to form the first entity's ciphertext; it determines whether the key distribution center public key carried in the key request message is the old public key or the new public key; if it is the old public key, the first entity's ciphertext, the key distribution center's new public key and a signature are returned to the first entity in a key response message, where the signature is computed with the key distribution center's old private key over the fields of the key response message other than the signature; if it is the new public key, the first entity's ciphertext and a signature are returned to the first entity in a key response message, where the signature is computed with the key distribution center's new private key over the fields of the key response message other than the signature;
after receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, if the key response message contains the key distribution center's new public key, it updates its local storage, and then decrypts with the first entity's temporary private key to obtain the communication session key;
the second entity generates a temporary public/private key pair and sends a key request message to the key distribution center, the message containing the second entity's temporary public key and the locally stored public key of the key distribution center;
after receiving the key request message from the second entity, the key distribution center encrypts the communication session key with the second entity's temporary public key to form a second ciphertext, and determines whether the key distribution center public key carried in the key request message is the old public key or the new public key; if it is the old public key, a key response message made up of the second entity's ciphertext, the key distribution center's new public key and a signature is returned to the second entity, where the signature is computed with the key distribution center's old private key over the fields of the key response message other than the signature; if it is the new public key, the second entity's ciphertext and a signature are returned to the second entity in a key response message, where the signature is computed with the key distribution center's new private key over the fields of the key response message other than the signature;
after receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, if the key response message contains the key distribution center's new public key, it updates its local storage, and then decrypts with the second entity's temporary private key to obtain the communication session key.
11. The key distribution method according to claim 10, characterized in that the key request message and the key response message carry security parameters, the method further comprising:
using the carried security parameters to negotiate the encryption algorithm, working mode and working parameters.
12. The key distribution method according to claim 10, characterized in that the key request messages sent by the first entity and the second entity to the key distribution center carry information about the peer entity, and the first entity and the second entity determine each other's identity on the basis of the peer entity information.
13. The key distribution method according to claim 10, characterized in that the system has one or more other entities that communicate with the first entity and/or the second entity, the method further comprising:
encrypting the communication session key separately with the temporary public key of each of the other one or more entities;
computing a signature with the key distribution center's private key, and sending the signature and the encrypted communication session key to each of the other one or more entities in a key response message.
14. A system for implementing key distribution, characterized by comprising:
a first entity, configured to generate a temporary public/private key pair, send a key request message containing the first entity's temporary public key to the key distribution center, and receive the key distribution center's key response message;
a second entity, configured to generate a temporary public/private key pair, send a key request message containing the second entity's temporary public key to the key distribution center, and receive the key distribution center's key response message;
a key distribution center, configured to respond to the key requests of the first entity and the second entity; to generate a communication session key for use between the entities and encrypt the communication session key; and to compute a signature with the key distribution center's private key and send the signature and the encrypted communication session key to the first entity and the second entity in key response messages;
after receiving the key response message, the first entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, it decrypts with the first temporary private key of the first entity to obtain the communication session key;
after receiving the key response message, the second entity verifies the signature using the locally stored public key of the key distribution center; once verification passes, it decrypts with the second temporary private key of the second entity to obtain the communication session key.
15. The system for implementing key distribution according to claim 14, characterized by having one or more other entities that communicate with the first entity and/or the second entity;
the other one or more entities are configured to each generate a temporary public/private key pair and each send a key request message to the key distribution center, each request message containing the sender's own temporary public key, and to receive the key distribution center's key response message;
the key distribution center encrypts the communication session key separately with the temporary public key of each of the other one or more entities, computes a signature with the key distribution center's private key, and sends the signature and the encrypted communication session key to each of the other one or more entities in a key response message;
after receiving the key response message, each of the other one or more entities verifies the signature using the locally stored public key of the key distribution center; once verification passes, it decrypts with its own first temporary private key to obtain the communication session key.
16、 一种实现在线更新公钥的系统, 其特征在于, 包括:  16. A system for implementing an online update of a public key, comprising:
实体, 用于产生一随机数, 向密钥分配中心发送公钥请求消息, 该消息 包含所产生的随机数, 并接收密钥分配中心的公钥响应消息;  An entity, configured to generate a random number, send a public key request message to the key distribution center, the message includes the generated random number, and receives a public key response message of the key distribution center;
密钥分配中心, 接收实体发送的公钥请求消息, 并向所述实体返回公钥 响应消息, 公钥响应消息包含实体产生的随机数、 密钥分配中心的新公钥及 利用密钥分配中心的旧私钥所做的签名;  The key distribution center receives the public key request message sent by the entity, and returns a public key response message to the entity, where the public key response message includes a random number generated by the entity, a new public key of the key distribution center, and a key distribution center. The signature of the old private key;
实体验证公钥响应消息中的随机数是否与实体产生的随机数相同, 利用 本地保存的公钥验证其中的签名是否正确, 若验证通过, 则以其中的新公钥 更新本地存储的公钥。  The entity verifies that the random number in the public key response message is the same as the random number generated by the entity, and uses the locally saved public key to verify whether the signature is correct. If the verification succeeds, the locally stored public key is updated with the new public key.
17、 根据权利要求 16所述的实现在线更新公钥的系统, 其特征在于, 实体向密钥分配中心发送公钥请求消息前, 密钥分配中心先发出公钥更新通 知给各实体。  17. The system for implementing an online update public key according to claim 16, wherein the key distribution center first issues a public key update notification to each entity before the entity sends the public key request message to the key distribution center.
18、 根据权利要求 16所述的实现公钥在线更新的系统, 其特征在于, 所述公钥请求消息还包含实体本地存储的密钥分配中心的公钥;  The system for implementing online update of a public key according to claim 16, wherein the public key request message further includes a public key of a key distribution center stored locally by the entity;
密钥分配中心还包括:  The key distribution center also includes:
判断模块,用于判断公钥请求消息携带的密钥分配中心的公钥是旧公钥 还是新公钥;  a judging module, configured to determine whether the public key of the key distribution center carried in the public key request message is an old public key or a new public key;
处理模块, 若所述判断模块判定所述密钥分配中心的公钥为新公钥, 则 直接丟弃该消息, 若判定所述密钥分配中心的公钥为旧公钥, 则通过所述公 钥响应消息通知所述实体。  a processing module, if the determining module determines that the public key of the key distribution center is a new public key, directly discarding the message, and if it is determined that the public key of the key distribution center is an old public key, The public key response message informs the entity.
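The request/response exchange of claim 16, as an added example that is not code from the patent: the key distribution center signs the entity's random number and its new public key with the old private key, and the entity accepts the new key only if both checks pass. Ed25519, the field names, the function names and the `nonce || newPub` signed encoding are assumptions; the claims do not name an algorithm or a message format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Response holds the entity's random number, the KDC's new public key and a
// signature made with the KDC's old private key (names and Ed25519 are assumed).
type Response struct{ Nonce, NewPub, Sig []byte }

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// KDCRespond signs nonce || newPub with the old private key.
func KDCRespond(oldPriv ed25519.PrivateKey, newPub ed25519.PublicKey, nonce []byte) Response {
	msg := append(append([]byte{}, nonce...), newPub...)
	return Response{Nonce: nonce, NewPub: newPub, Sig: ed25519.Sign(oldPriv, msg)}
}

// EntityUpdate runs the entity's two checks and returns the key to store.
func EntityUpdate(stored ed25519.PublicKey, sent []byte, r Response) (ed25519.PublicKey, error) {
	if !bytes.Equal(sent, r.Nonce) {
		return stored, errors.New("random number does not match the request")
	}
	msg := append(append([]byte{}, r.Nonce...), r.NewPub...)
	if len(r.NewPub) != ed25519.PublicKeySize || !ed25519.Verify(stored, msg, r.Sig) {
		return stored, errors.New("signature does not verify under the stored key")
	}
	return ed25519.PublicKey(r.NewPub), nil
}

func main() {
	oldPub, oldPriv := NewKey()
	newPub, _ := NewKey()
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	_, err := EntityUpdate(oldPub, nonce, KDCRespond(oldPriv, newPub, nonce))
	fmt.Println("update accepted:", err == nil)
}
```

On any failed check the entity keeps its stored key, so a response replayed against a later request or signed by a key other than the stored one leaves the trust anchor unchanged.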
PCT/CN2009/071979 2008-05-26 2009-05-26 Method, system for distributing key and method, system for online updating public key WO2009143766A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2008100182983A CN101286842B (en) 2008-05-26 2008-05-26 Method for distributing key using public key cryptographic technique and on-line updating of the public key
CN200810018298.3 2008-05-26

Publications (1)

Publication Number Publication Date
WO2009143766A1 true WO2009143766A1 (en) 2009-12-03

Family

ID=40058826

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/071979 WO2009143766A1 (en) 2008-05-26 2009-05-26 Method, system for distributing key and method, system for online updating public key

Country Status (2)

Country Link
CN (1) CN101286842B (en)
WO (1) WO2009143766A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111147247A (en) * 2020-03-09 2020-05-12 广东电网有限责任公司电力调度控制中心 Key updating method, key updating device, computer equipment and storage medium
CN113556355A (en) * 2021-07-30 2021-10-26 广东电网有限责任公司 Key processing system and method for intelligent equipment of power distribution network

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101286842B (en) * 2008-05-26 2011-04-06 西安西电捷通无线网络通信股份有限公司 Method for distributing key using public key cryptographic technique and on-line updating of the public key
CN101286840B (en) * 2008-05-29 2014-07-30 西安西电捷通无线网络通信股份有限公司 Key distributing method and system using public key cryptographic technique
WO2011063566A1 (en) * 2009-11-27 2011-06-03 西安西电捷通无线网络通信股份有限公司 System for establishing secret session between entities based on multiple key distribution centers and method thereof
CN104468074A (en) * 2013-09-18 2015-03-25 北京三星通信技术研究有限公司 Method and equipment for authentication between applications
CN106797311B (en) 2014-08-29 2020-07-14 维萨国际服务协会 System, method and storage medium for secure password generation
BR112017014632B1 (en) 2015-01-27 2023-12-26 Visa International Service Association METHOD IMPLEMENTED BY COMPUTER, COMPUTER SYSTEM, AND COMPUTER READABLE MEDIA
US9801055B2 (en) * 2015-03-30 2017-10-24 Qualcomm Incorporated Authentication and key agreement with perfect forward secrecy
CN106921623B (en) * 2015-12-25 2020-06-05 航天信息股份有限公司 Identification key updating method and system
CN108111524A (en) * 2017-12-28 2018-06-01 广州江南科友科技股份有限公司 Terminal data protection method and system based on private key dynamic generation mechanism
CN110602058B (en) * 2019-08-22 2020-10-30 卓尔智联(武汉)研究院有限公司 Chip activation device, method and computer readable storage medium
CN111708990A (en) * 2020-05-15 2020-09-25 支付宝(杭州)信息技术有限公司 Applet starting method, signature method, device, server and medium
CN113796058B (en) * 2021-02-27 2022-08-19 华为技术有限公司 Key transmission method and device
CN113839786B (en) * 2021-10-29 2023-06-09 郑州信大捷安信息技术股份有限公司 Key distribution method and system based on SM9 key algorithm

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101097646A (en) * 2006-06-29 2008-01-02 中国银联股份有限公司 Public-key updating method and bank card terminal based on the method
CN101286842A (en) * 2008-05-26 2008-10-15 西安西电捷通无线网络通信有限公司 Method for distributing key using public key cryptographic technique and on-line updating of the public key

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4328748B2 (en) * 2005-08-23 2009-09-09 株式会社エヌ・ティ・ティ・ドコモ Key update method, key-isolated encryption system, and terminal device

Also Published As

Publication number Publication date
CN101286842A (en) 2008-10-15
CN101286842B (en) 2011-04-06

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09753484

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09753484

Country of ref document: EP

Kind code of ref document: A1