CN101908959A - Method, equipment and system thereof for establishing shared key - Google Patents

Publication number: CN101908959A
Application number: CN 201010240096
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN101908959B (en)
Inventor: 郑强
Original Assignee: Beijing WatchData System Co Ltd
Current Assignee: Beijing Watchdata Co ltd
Legal status: Granted; Expired - Fee Related
Classification: Mobile Radio Communication Systems
Abstract

The invention discloses a method, a device and a system for establishing a shared key, so as to make the shared key used between nodes harder to crack and to improve the security of communication between nodes. In the method, a first node sends a key request message to a private key generating center (PGC); the PGC generates a private message $Q_{ID}$ corresponding to the first node from the identity information of the first node and a system master key, encrypts $Q_{ID}$ and sends it to the first node; the first node decrypts the received $Q_{ID}$ and generates its private key from the decrypted $Q_{ID}$ and a first random number that it generated itself; and when the first node communicates with a second node, it generates the shared key for that communication from its private key and the identity information of the second node. With this technical scheme, the shared key is harder to crack and communication between nodes is more secure.

Description

A method, device and system for establishing a shared key
Technical field
The present invention relates to the field of communications, and in particular to a method, device and system for establishing a shared key.
Background art
At present, when a pair of nodes communicate, they encrypt and decrypt the exchanged data packets with a shared key in order to secure the communication. Shared keys between nodes can be generated in many ways, of which the main ones are the following:
Mode one: the shared key of a node pair is established with an identity-based key management system. Identity-based cryptosystems are computationally simple and suit energy-constrained networks such as Ad Hoc networks. The drawback is that the PGC (Private Key Generate Center) knows the private key of every node. If an attacker logs in to the PGC and deliberately impersonates any user with the identity of the PGC, the attacker can easily obtain the private key of each node and thereby learn the shared keys between nodes. With this mode, therefore, a node's private key is easily cracked, the shared key between nodes is easily obtained, and security and reliability are low.
Mode two: a key agreement protocol that combines Diffie-Hellman with identity-based keys. This scheme authenticates the nodes during key agreement, which addresses the attacks on the DH key exchange and further improves security. The drawback is that the PGC must send each node's private key information to the user over a secure key channel, that is, a secure channel must be established between the PGC and the user; establishing such a channel is costly and is hard to implement in a wireless network.
Mode three: the shared key is generated on the basis of a hard discrete mathematics problem or the Diffie-Hellman algorithm. The node generates its private key from the private message $Q_{ID}$ that the PGC generated for it and a random number that the node generates itself. The drawback is that the PGC sends the $Q_{ID}$ generated for the node directly over a public channel, so $Q_{ID}$ is easily intercepted by other nodes or by an attacker. If the random number generated by the node is leaked or stolen, other nodes or the attacker can easily derive the node's private key from the intercepted $Q_{ID}$ and the leaked random number, and so easily crack the shared keys between this node and other nodes. Security and reliability are low.
There is therefore an urgent need for a method of establishing a shared key that is harder to crack and easy to implement.
Summary of the invention
The invention provides a method, device and system for establishing a shared key, so as to make the shared key used between nodes harder to crack and to improve the security of communication between nodes.
A method for establishing a shared key comprises:
a first node sends a key request message to a key generation center (PGC);
on receiving the key request message, the PGC generates a private message $Q_{ID}$ corresponding to the first node from the identity information of the first node and the system master key, encrypts the private message $Q_{ID}$ and sends it to the first node;
the first node decrypts the received encrypted private message $Q_{ID}$ and generates the private key corresponding to the first node from the decrypted private message $Q_{ID}$ and a first random number generated by the first node itself;
when communicating with a second node, the first node generates the shared key for communication between the first node and the second node from the private key and the identity information of the second node.
A key generation center comprises:
a receiver module, configured to receive the key generation request message sent by a node;
a private message generation module, configured to generate, when the receiver module receives the key generation request message, the private message $Q_{ID}$ corresponding to the node from the identity information of the node and the system master key;
an encrypting module, configured to encrypt the private message $Q_{ID}$ generated by the private message generation module;
a sending module, configured to send the private message $Q_{ID}$ encrypted by the encrypting module to the node.
A node comprises:
a sending module, configured to send a key request message to the key generation center (PGC);
a receiver module, configured to receive the private message $Q_{ID}$ corresponding to the node that the PGC sends;
a deciphering module, configured to decrypt the private message $Q_{ID}$ received by the receiver module;
a private key generation module, configured to generate the private key corresponding to the node from the private message $Q_{ID}$ obtained by the deciphering module and a first random number generated by the node itself;
a shared key production module, configured to generate, when communicating with a second node, the shared key for communication between the node and the second node from the private key generated by the private key generation module and the identity information of the second node.
A system for establishing a shared key comprises:
a key generation center (PGC), configured to receive the key request message sent by a first node, to generate a private message $Q_{ID}$ for the first node from the identity information of the first node and the system master key, and to encrypt the private message $Q_{ID}$ and send it to the first node;
the first node, configured to decrypt the received private message $Q_{ID}$ and to generate the private key corresponding to the first node from the decrypted private message $Q_{ID}$ and a first random number generated by the first node itself; and, when communicating with a second node, to generate the shared key for communication between the first node and the second node from the private key and the identity information of the second node.
In the embodiment of the invention, the PGC encrypts the private message $Q_{ID}$ that it generates. Even if the random number generated by the node is leaked or stolen, other nodes or an attacker cannot decrypt the encrypted private message $Q_{ID}$ and so cannot easily obtain the node's private key or crack the shared key used for communication between nodes. The shared key between nodes is therefore harder to crack, and the security and reliability of communication between nodes are improved.
Description of drawings
Fig. 1 is a flowchart of the method for establishing a shared key in the embodiment of the invention;
Fig. 2 is a schematic diagram of each node generating its private key through the PGC in the embodiment of the invention;
Fig. 3 is a flowchart of the method for establishing a shared key in the embodiment of the invention;
Fig. 4 is a structural diagram of the key generation center in the embodiment of the invention;
Fig. 5 is a structural diagram of the node in the embodiment of the invention.
Embodiments
To solve the technical problem of the prior art, the embodiment of the invention provides a method for establishing a shared key, comprising: a node sends a key request message to the PGC; on receiving the key request message, the PGC generates a private message $Q_{ID}$ for the node from the identity information of the node and the system parameters of system initialization, encrypts the private message $Q_{ID}$ and sends it to the node; the node decrypts the encrypted private message $Q_{ID}$ that it receives and judges whether the private message $Q_{ID}$ was issued by the PGC; if so, it generates the private key corresponding to the node from the random number generated by the node itself and the private message $Q_{ID}$; when communicating with a second node, the node generates the shared key between itself and the second node from its own private key and the identity information of the second node. With this technical scheme, the PGC encrypts the private message $Q_{ID}$ that it generates. Even if the random number generated by the node is leaked or stolen, other nodes or an attacker cannot decrypt the encrypted private message $Q_{ID}$ and so cannot easily obtain the node's private key or crack the shared key used for communication between nodes. The shared key between nodes is therefore harder to crack, and the security and reliability of communication between nodes are improved.
In the embodiment of the invention, to improve security and reliability, the generation of the keys and of the private message may be based on a hard discrete mathematics problem or on the Diffie-Hellman hard problem. To help those skilled in the art understand, the hard discrete mathematics problem and the Diffie-Hellman hard problem used in the embodiment of the invention are described in detail below.
Computational discrete logarithm problem: let $G_1$ be an additive group of order q, where q is a large prime. Suppose $P \in G_1$, $Q \in G_1$, and P and Q satisfy the relation $Q = nP$. Given P and Q, computing the integer n is a hard mathematical problem.
Computational Diffie-Hellman problem: let $G_1$ and $G_2$ be an additive group and a multiplicative group of order q respectively, where q is a large prime. In the bilinear map $e: G_1 \times G_2 \to G_2$, let P be a generator of $G_1$. For arbitrary $a, b \in Z_p$, given $P, aP, bP \in G_1$, computing $abP$ is a hard mathematical problem.
The technical scheme of the invention is described in detail below with reference to the drawings.
Referring to Fig. 1, which is a flowchart of the method for establishing a shared key in the embodiment of the invention, the flow comprises the following steps:
Step 101: node N sends a key request message to the PGC.
In this step, the key request message may carry the identity information $ID_N$ of node N, and node N may send the key request message to the PGC by broadcast.
Step 102: on receiving the key request message sent by node N, the PGC generates a private message $Q_{ID_N}$ for node N from the identity information $ID_N$ of node N and the master key s defined at system initialization, encrypts the private message $Q_{ID_N}$ and sends it to node N.
In this step, the PGC may generate the private message $Q_{ID_N}$ either from the identity information of node N carried in the key request message or from the identity information of node N stored by the PGC.
In this step, the PGC sends the encrypted private message $Q_{ID_N}$ to node N over a public channel.
Step 103: node N decrypts the encrypted private message $Q_{ID_N}$ and, on determining from the system parameters that the decrypted private message $Q_{ID_N}$ was issued by the PGC, generates the private key $K_N$ from the first random number $d_N$ generated by node N itself and the private message $Q_{ID_N}$.
Step 104: when node N communicates with another node (denoted node K), node N generates the shared key $K_{NK}$ between node N and node K from its own private key $K_N$ and the identity information $ID_K$ of node K.
In the embodiment of the invention, the PGC may encrypt the private message $Q_{ID_N}$ with a symmetric encryption mechanism; node N generates the symmetric key $SK_{PGC}$ and uses the symmetric key $SK_{PGC}$ to decrypt $Q_{ID_N}$.
In the embodiment of the invention, the PGC may encrypt the private message $Q_{ID_N}$ in many ways and is not limited to the symmetric encryption mechanism of the embodiment; for example, an asymmetric encryption mechanism may also be used to encrypt and decrypt $Q_{ID_N}$.
In the embodiment of the invention, system initialization comprises: the system automatically generates an additive group $G_1$ of order q, where q is a large prime, and all operations are based on the discrete logarithm problem over the group $G_1$; a generator p of $G_1$ is chosen as the first system parameter; a hash function is defined (for example the commonly used MD5 or SHA-1), denoted h in the formulas that follow; a master key s, $s \in Z_q$, is chosen; $P_{pub} = s \cdot p$ is defined as the second system parameter, that is, $P_{pub}$ is the result of combining the first system parameter p with the system master key s using the computation of the hard discrete mathematics problem; the PGC sends the first system parameter p and the second system parameter $P_{pub}$ of system initialization to each node connected to it, and each node stores the system parameters it receives.
Before sending the key request message to the PGC, node N generates its identity information $ID_N$ and auxiliary information $AS_N$ and publishes them, and the PGC stores the $ID_N$ and $AS_N$ of node N. The ID is unique for the lifetime of the network and uniquely identifies the node. Specifically, node N generates two random numbers, denoted the first random number $d_N$ and the second random number $d'_N$, and generates $ID_N$ and $AS_N$ from these two random numbers and the first system parameter p. To make cracking harder, in the embodiment of the invention node N may generate the identity information and the auxiliary information using the computation of the hard discrete mathematics problem: $ID_N = d_N \cdot p$, $AS_N = d'_N \cdot p$.
In step 102 above, the PGC may generate the private message $Q_{ID_N}$ according to formula (1):
$Q_{ID_N} = s \cdot h(ID_N)$    Formula (1)
In formula (1), s is the master key defined at system initialization and $h(ID_N)$ is the hash value obtained by applying the hash function defined at system initialization to $ID_N$.
Preferably, step 102 above further comprises:
on receiving the key request message sent by node N, the PGC verifies the identity information $ID_N$ sent by node N against the locally stored identity information $ID_N$ of node N. If verification succeeds, it generates the private message $Q_{ID_N}$ for node N. If verification fails, it ends the flow and sends node N a notification that identity verification failed, or a notification to resend the key request message to the PGC.
In step 102 of the above flow, the PGC encrypts the private message $Q_{ID_N}$ as follows: from the auxiliary information $AS_N$ of node N and the configured master key s, the PGC generates the key $SK_{PGC}$ used to encrypt the private message $Q_{ID_N}$, which may be obtained by formula (2):
$SK_{PGC} = s \cdot AS_N$    Formula (2)
In formula (2), $SK_{PGC}$ is the key generated by the PGC for encrypting the private message $Q_{ID_N}$, s is the master key defined at system initialization, and $AS_N$ is the auxiliary information of node N.
In the embodiment of the invention, the way of encrypting the private message $Q_{ID_N}$ is not limited to the one described here; other encryption methods of the prior art may also be used. The method given in the embodiment is only one of them, and those skilled in the art will think of many other encryption methods in light of the technical scheme of the invention, which are not enumerated here.
In step 103, on receiving the private message $Q_{ID_N}$ issued by the PGC, node N generates the key $SK_N$ used to decrypt the private message $Q_{ID_N}$ from the second random number $d'_N$ and the second system parameter $P_{pub}$, which may be obtained by formula (3):
$SK_N = d'_N \cdot P_{pub}$    Formula (3)
In formula (3), $SK_N$ is the key generated by node N for decrypting the private message $Q_{ID_N}$, $d'_N$ is the second random number generated by node N, and $P_{pub}$ is the second system parameter defined at system initialization.
Preferably, step 102 above further comprises sending the $h(ID_N)$ of node N to node N. In step 103 above, node N determines whether the decrypted private message $Q_{ID_N}$ was issued by the PGC as follows: using the computation of the hard discrete mathematics problem, node N combines the decrypted private message $Q_{ID_N}$ with the first system parameter p, obtaining $Q_{ID_N} \cdot p$; in the same way, node N combines the $h(ID_N)$ issued by the PGC with the second system parameter $P_{pub}$, obtaining $h(ID_N) \cdot P_{pub}$; node N then judges whether $Q_{ID_N} \cdot p$ and $h(ID_N) \cdot P_{pub}$ are equal. If they are equal, the decrypted private message $Q_{ID_N}$ is determined to have been issued by the PGC; if they are not equal, the decrypted private message $Q_{ID_N}$ is determined not to have been issued by the PGC.
Preferably, when the private message $Q_{ID_N}$ is determined not to have been issued by the PGC and node N resends the key request message to the PGC, the second random number $d'_N$ would have to be regenerated, which causes long delays and low efficiency. To avoid this, in the embodiment of the invention node N generates a group of second random numbers. If the identity information sent to the PGC this time was generated from one random number of the group, then on determining that the private message $Q_{ID_N}$ was not issued by the PGC, node N destroys that random number, chooses another one from the group, generates the identity information $ID_N$ and auxiliary information $AS_N$ from it, and publishes the newly generated $ID_N$ and $AS_N$ again, and so on.
In step 103 of the above flow, the node generates the private key $S_N$, which is obtained by formula (4):
$S_N = d_i \cdot s \cdot h(ID_N)$    Formula (4)
In formula (4), $S_N$ is the private key generated by node N, $d_i$ is the first random number generated by the node, s is the master key defined at system initialization, and $h(ID_N)$ is the hash value obtained by applying the hash function defined at system initialization to $ID_N$.
Preferably, step 103 above further comprises:
on judging that the decrypted private message $Q_{ID_N}$ was not issued by the PGC, node N ends the flow and sends the key request message to the PGC again, carrying the identity information of the node in the key request message.
In the embodiment of the invention, when nodes communicate, each may send its own identity information to the peer node.
In step 104 of the above flow, node N and node K generate the shared key as follows: the private key of node N is $S_N$, and node N determines the shared key $K_N$ by formula (5); the key that node K generates by the above flow is $S_K$, and node K determines the shared key $K_K$ by formula (6), where $K_N$ and $K_K$ are equal:
$K_N = S_N \cdot ID_K \cdot h(ID_K)$    Formula (5)
$K_K = S_K \cdot ID_N \cdot h(ID_N)$    Formula (6)
In formula (5), $S_N$ is the private key of node N, $ID_K$ is the identity information of node K, and $h(ID_K)$ is the hash value obtained by applying the hash function to $ID_K$; $h(ID_K)$ may be sent to node N either by node K or by the PGC. In formula (6), $S_K$ is the private key of node K, $ID_N$ is the identity information of node N, and $h(ID_N)$ is the hash value obtained by applying the hash function to $ID_N$; $h(ID_N)$ may be sent to node K either by node N or by the PGC.
In the embodiment of the invention, the technical scheme may be used in any distributed network. In an Ad Hoc network, for example, each node can have the PGC generate its corresponding $Q_{ID}$ through the above method flow. As shown in Fig. 2, each node generates its private key from the private message $Q_{ID}$ that the PGC generated for it; when two nodes communicate, either node can generate the shared key from its own private key and the identity information of the other node.
The technical scheme of the invention is not limited to Ad Hoc networks; it is also applicable to other wireless self-organizing networks such as P2P, and to wired networks.
In the embodiment of the invention, the generation of the keys, of the node identity information and auxiliary information, and of the private message may be based on a hard discrete mathematics problem or on the Diffie-Hellman hard problem. For example, the identity information, auxiliary information, private message and second system parameter of a node may be computed on the basis of the hard discrete mathematics problem, while the key the PGC generates for encrypting the private message, the private key generated by the node, and the shared key generated between nodes may be generated on the basis of the Diffie-Hellman hard problem.
In the embodiment of the invention, the generation of the keys, of the node identity information and auxiliary information, and of the private message may also be based on other algorithms in common use in the prior art and is not limited to the algorithms based on the hard discrete mathematics problem or the Diffie-Hellman hard problem given in the embodiment; the algorithms given in the embodiment are one concrete implementation.
The technical scheme of the invention is described more clearly and in more detail below with a concrete method flow.
Referring to Fig. 3, which is a flowchart of the method for establishing a shared key in the embodiment of the invention, the flow comprises the following steps:
Step 301: the system is initialized, setting the first system parameter p, the master key s and the second system parameter $P_{pub}$, and selecting the hash function. From the second random number $d'_A$ and the first random number $d_A$ that it generates itself, node A generates its identity information $ID_A$ and auxiliary information $AS_A$ using the computation of the hard discrete mathematics problem, where $ID_A = d_A \cdot p$ and $AS_A = d'_A \cdot p$, and publishes its identity information $ID_A$ and auxiliary information $AS_A$ so that the PGC stores the $ID_A$ and $AS_A$ of node A.
Step 302: node A sends a key request message to the PGC, carrying the identity information $ID_A$ of node A in the key request message.
Step 303: the PGC verifies the identity information $ID_A$ sent by node A against the stored identity information $ID_A$ of node A. If verification succeeds, step 304 is executed; otherwise step 313 is executed.
Step 304: from the identity information $ID_A$ of node A and the predefined hash function, the PGC generates $h(ID_A)$ and sends $h(ID_A)$ to node A; from the master key s and $h(ID_A)$, the PGC generates the private message $Q_{ID_A}$ corresponding to node A using the computation of the hard discrete mathematics problem.
In this step, the PGC may generate the private message $Q_{ID_A}$ corresponding to node A from the master key s and $h(ID_A)$ according to formula (1) above.
Step 305: from the second random number $d'$ generated by node A, the master key s and the first system parameter p, the PGC generates the key $SK_{PGC}$ used to encrypt the private message $Q_{ID_A}$.
In this step, the PGC may generate $SK_{PGC}$ according to formula (2) above.
Step 306: the PGC encrypts the generated private message $Q_{ID_A}$ with the key $SK_{PGC}$ and sends the encrypted private message $Q_{ID_A}$ to node A over a public channel.
Steps 307 to 308: from the locally stored second random number $d'_A$ and the second system parameter $P_{pub}$, node A generates the key $SK_A$ used to decrypt the received private message $Q_{ID_A}$, and decrypts the received $Q_{ID_A}$ with the key $SK_A$.
In this step, node A may generate the key $SK_A$ according to formula (3) above.
Step 309: from the locally stored first system parameter p and second system parameter $P_{pub}$ and the decrypted private message $Q_{ID_A}$, node A judges whether the decrypted private message $Q_{ID_A}$ was issued by the PGC. If so, step 310 is executed; otherwise step 302 is executed.
Steps 310 to 311: node A destroys the second random number $d'_A$ that it generated and, from the first random number $d_A$ and the decrypted private message $Q_{ID_A}$, generates the private key $S_A$ corresponding to node A.
In this step, node A may generate the private key $S_A$ according to formula (4) above.
Step 312: when node A and node B communicate, node A generates the shared key $K_{AB}$ that it shares with node B from its own private key $S_A$ and the identity information $ID_B$ of node B; node B generates the shared key $K_{AB}$ that it shares with node A from its own private key $S_B$ and the identity information $ID_A$ of node A.
In this step, node A may generate the shared key $K_{AB}$ according to formula (5) above.
Step 313: the flow ends.
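The flow of steps 301 to 312 with formulas (1) to (6), run end to end as an added example (not code from the patent). It assumes a constructed toy group (the order-1019 subgroup of Z_2039^*, written multiplicatively, so the text's n·X becomes X^n), treats $Q_{ID}$ as a scalar mod q, substitutes SHA-256 for the MD5/SHA-1 the text names, and uses a hash-derived XOR pad as a stand-in for the unspecified symmetric cipher; all class, function and parameter names, including `tamper`, are hypothetical.

```python
import hashlib
import secrets

# Constructed toy parameters (far too small for real use).
P_MOD = 2039   # safe prime, P_MOD = 2 * Q_ORD + 1
Q_ORD = 1019   # prime order q of the group G1
GEN = 4        # first system parameter p: generator of the order-q subgroup


def mul(n, x):
    """The text's additive n·X, written multiplicatively as X^n mod P_MOD."""
    return pow(x, n, P_MOD)


def rand_scalar():
    return secrets.randbelow(Q_ORD - 1) + 1            # uniform in [1, q-1]


def h(identity):
    """Hash function h, mapped into [1, q-1] (SHA-256 is an assumption)."""
    digest = hashlib.sha256(str(identity).encode()).digest()
    return int.from_bytes(digest, "big") % (Q_ORD - 1) + 1


def sym(key, value):
    """Stand-in symmetric cipher: XOR with a key-derived pad (self-inverse)."""
    pad = hashlib.sha256(b"pad" + str(key).encode()).digest()[:2]
    return value ^ int.from_bytes(pad, "big")


class PGC:
    def __init__(self):
        self.s = rand_scalar()                 # master key s
        self.p_pub = mul(self.s, GEN)          # second system parameter P_pub = s·p
        self.published = {}                    # ID -> AS, as announced by nodes

    def handle_key_request(self, ident):
        if ident not in self.published:        # step 303: verify the identity
            raise ValueError("identity verification failed")
        hid = h(ident)
        q_id = self.s * hid % Q_ORD            # formula (1): Q_ID = s·h(ID)
        sk_pgc = mul(self.s, self.published[ident])   # formula (2): SK_PGC = s·AS
        return hid, sym(sk_pgc, q_id)          # h(ID) in clear, Q_ID encrypted


class Node:
    def __init__(self, pgc):
        self.pgc = pgc
        while True:                            # IDs must be unique in the network
            self.d = rand_scalar()             # first random number d
            self.ident = mul(self.d, GEN)      # ID = d·p
            if self.ident not in pgc.published:
                break
        self.d2 = rand_scalar()                # second random number d'
        pgc.published[self.ident] = mul(self.d2, GEN)   # announce AS = d'·p
        self.private_key = None

    def obtain_private_key(self, tamper=0):
        """Steps 302-311. `tamper` flips ciphertext bits to model a forged reply."""
        hid, enc = self.pgc.handle_key_request(self.ident)
        sk_n = mul(self.d2, self.pgc.p_pub)    # formula (3): SK_N = d'·P_pub
        q_id = sym(sk_n, enc ^ tamper)
        # Step 309: accept only if Q_ID·p == h(ID)·P_pub.
        if mul(q_id, GEN) != mul(hid, self.pgc.p_pub):
            return False                       # caller retries from step 302
        self.d2 = None                         # step 310: destroy d'
        self.private_key = self.d * q_id % Q_ORD        # formula (4)
        return True

    def shared_key(self, peer_ident):
        """Formulas (5)/(6): K = S · ID_peer · h(ID_peer)."""
        return mul(self.private_key * h(peer_ident) % Q_ORD, peer_ident)


def demo():
    """Two nodes enrol with one PGC and derive the shared key independently."""
    pgc = PGC()
    a, b = Node(pgc), Node(pgc)
    if not (a.obtain_private_key() and b.obtain_private_key()):
        raise RuntimeError("PGC reply rejected")
    return a.shared_key(b.ident), b.shared_key(a.ident)


if __name__ == "__main__":
    k_ab, k_ba = demo()
    print("shared keys match:", k_ab == k_ba)
```

The keys of formulas (2) and (3) agree because s·(d'·p) = d'·(s·p), and the step 309 check rejects any reply whose decrypted value differs from s·h(ID) mod q.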
Based on the identical design of above-mentioned flow process, the embodiment of the invention also provides a kind of node, and a kind of key generates center and a kind of system of sharing key that sets up.
Referring to Fig. 4, be the structural representation at key generation center in the embodiment of the invention, this key generation center comprises:
Receiver module 41 is used for the key generation request message that receiving node sends;
Privately owned message generation module 42 when being used for that key generates request message under receiver module 41 receives, according to identity information and system's master key of described node, generates the privately owned message Q corresponding with this node ID
Encrypting module 43 is used for the privately owned message Q that described privately owned message generation module is generated IDEncrypt;
Sending module 44 is used for encrypting module 43 is encrypted privately owned message Q afterwards IDSend to described node.
43 couples of privately owned message Q of encrypting module IDEncrypt, have particular application as:
According to supplementary, system's master key of the first node of storing, generation is used for this privately owned message Q IDFirst key of encrypting, and adopt this first key to this privately owned message Q IDEncrypt, the supplementary of described first node is determined according to second random number of first system parameters and the generation of described first node.
Encrypting module 43 generates first key according to formula (2).
Referring to Fig. 5, which is a structural diagram of the node in an embodiment of the invention, the node comprises:
A sending module 51, configured to send a key request message to the key generation center PGC;
A receiving module 52, configured to receive the private message $Q_{ID}$ corresponding to the node that is sent by the PGC;
A decryption module 53, configured to decrypt the private message $Q_{ID}$ received by the receiving module 52;
A private key generation module 54, configured to generate the private key corresponding to the node according to the private message $Q_{ID}$ obtained by the decryption module 53 and the first random number generated by the node itself;
A shared key generation module 55, configured to generate, when communicating with a second node, the shared key with which the node and the second node communicate, according to the private key generated by the private key generation module 54 and the identity information of the second node.
The decryption module 53 decrypts the private message $Q_{ID}$ specifically as follows: according to the second random number generated by the node and the second system parameter, it generates a second key for decrypting the private message $Q_{ID}$ and decrypts the private message $Q_{ID}$ with this second key.
The decryption module 53 generates the second key according to formula (3).
Preferably, the above node further comprises:
A judging module 56, configured to determine, according to the identity information of the first node, the second system parameter and the first system parameter, whether the private message $Q_{ID}$ obtained by the decryption module 53 was issued by the PGC;
The sending module 51 is further configured to send the key request message to the PGC again when the judging module 56 judges that the private message $Q_{ID}$ was not issued by the PGC.
A system for establishing a shared key comprises:
A key generation center PGC, configured to receive the key request message sent by a first node; to generate a private message $Q_{ID}$ for the first node according to the identity information of the first node and the system master key; and to encrypt this $Q_{ID}$ and send it to the first node;
The first node, configured to decrypt the received encrypted private message $Q_{ID}$ and to generate the private key corresponding to the first node according to the decrypted private message $Q_{ID}$ and the first random number generated by the first node itself; and, when communicating with a second node, to generate the shared key with which the first node and the second node communicate according to the private key and the identity information of the second node.
The PGC encrypts the private message $Q_{ID}$ specifically as follows:
The PGC generates, according to the stored auxiliary information of the first node and the system master key, a first key for encrypting $Q_{ID}$, and encrypts the private message $Q_{ID}$ with this first key;
The first node decrypts the received private message $Q_{ID}$ specifically as follows:
The first node generates, according to the second random number it generated itself and the second system parameter, a second key for decrypting $Q_{ID}$, and decrypts the private message $Q_{ID}$ with this second key;
The second system parameter is the result of performing, on the first system parameter and the system master key, an operation based on a hard discrete mathematical problem.
The first node is further configured to determine, before generating the private key, according to the identity information of the first node, the second system parameter and the first system parameter, whether the decrypted private message $Q_{ID}$ was issued by the PGC, and, on determining that it was not issued by the PGC, to end the procedure or send the key request message to the PGC again.
In the embodiments of the invention, when a node needs to generate a private key, it sends a key request message carrying its identity information to the PGC; the PGC generates the private message $Q_{ID}$ for the node according to the system parameters and the identity information of the node, in a manner based on a hard discrete mathematical problem, encrypts this private message $Q_{ID}$, and sends it to the node; the node generates its private key from the random number it generated itself and the received $Q_{ID}$; and, when communicating with other nodes, it generates the shared key between itself and the other node according to its private message $Q_{ID}$, the random number and the identity information of the other node, in a manner based on a hard Diffie-Hellman problem. With the technical solution of the invention, a node generates its private key from the $Q_{ID}$ issued by the PGC and generates the shared key with other nodes from that private key. Because the PGC encrypts the $Q_{ID}$ of the node, even if the random number generated by the node is leaked or stolen, other nodes or malicious parties cannot decrypt $Q_{ID}$ and therefore cannot easily obtain the private key of the node; they consequently cannot crack the shared key used for communication between nodes, which raises the difficulty of cracking the shared key between nodes and improves the security and reliability of inter-node communication. Moreover, the generated keys are all based on a hard discrete mathematical problem or a hard Diffie-Hellman problem, which further raises the difficulty of cracking the shared key.
Obviously, those skilled in the art can make various changes and variations to the invention without departing from its spirit and scope. Thus, if these modifications and variations fall within the scope of the claims of the invention and their technical equivalents, the invention is also intended to encompass them.

Claims (18)

1. A method for establishing a shared key, characterized by comprising:
a first node sends a key request message to a key generation center PGC;
when the PGC receives the key request message, it generates the private message $Q_{ID}$ corresponding to the first node according to the identity information of the first node and the system master key, encrypts the private message $Q_{ID}$, and sends it to the first node;
the first node decrypts the received encrypted private message $Q_{ID}$ and generates the private key corresponding to the first node according to the decrypted private message $Q_{ID}$ and the first random number generated by the first node itself;
when communicating with a second node, the first node generates the shared key with which the first node and the second node communicate according to the private key and the identity information of the second node.
2. The method of claim 1, characterized in that the PGC encrypting the private message $Q_{ID}$ comprises: the PGC generates, according to the stored auxiliary information of the first node and the system master key, a first key for encrypting the private message $Q_{ID}$, and encrypts the private message $Q_{ID}$ with this first key, the auxiliary information of the first node being determined from the first system parameter and the second random number generated by the first node;
the first node decrypting the received private message $Q_{ID}$ comprises: the first node generates, according to the second random number it generated itself and the second system parameter, a second key for decrypting the private message $Q_{ID}$, and decrypts the private message $Q_{ID}$ with this second key.
3. The method of claim 2, characterized in that the PGC obtains the first key by the following formula:
$SK_{PGC} = s \cdot AS_N \Rightarrow SK_{PGC} = s \cdot (d'_N \cdot p)$
where $SK_{PGC}$ is the first key generated by the PGC, $s$ is the system master key, $AS_N$ is the auxiliary information of the first node, $d'_N$ is the second random number, and $p$ is the first system parameter;
the first node obtains the second key by the following formula:
$SK_N = d'_N \cdot p_{pub}$
where $SK_N$ is the second key generated by the first node, $d'_N$ is the second random number, and $p_{pub}$ is the second system parameter.
4. The method of claim 2, characterized in that, before the first node generates the private key, the method further comprises: the first node determines, according to the identity information of the first node, the second system parameter and the first system parameter, whether the decrypted private message $Q_{ID}$ was issued by the PGC, and, if it was not issued by the PGC, ends the procedure or sends the key request message to the PGC again.
5. The method of claim 4, characterized in that the PGC generates the private message $Q_{ID}$ according to the following formula:
$Q_{ID} = s \cdot h(ID)$
where $s$ is the system master key, $ID$ is the identity information of the first node, and $h(ID)$ is the hash value obtained by performing a hash operation on $ID$.
6. The method of claim 4, characterized in that
the first node determining whether the decrypted private message $Q_{ID}$ was issued by the PGC comprises: judging whether the following formula holds; if it holds, the private message $Q_{ID}$ is determined to have been issued by the PGC; if it does not hold, the private message $Q_{ID}$ is determined not to have been issued by the PGC:
$Q_{ID} \cdot p = h(ID) \cdot p_{pub}$
where $p$ is the first system parameter, $h(ID)$ is the hash value obtained by performing a hash operation on $ID$, and $p_{pub}$ is the second system parameter.
7. The method of any one of claims 4 to 6, characterized in that, when the first node determines that the private message $Q_{ID}$ was issued by the PGC, it destroys the second random number $d'_N$.
8. The method of any one of claims 1 to 6, characterized in that, when the first node communicates with the second node, it receives the hash value corresponding to the second node that is sent by the second node, this hash value being the value obtained by the PGC performing a hash operation on the identity information of the second node;
the first node generates the shared key for communicating with the second node by the following formula:
$K_N = SK_N \cdot ID_K \cdot h(ID_K)$
where $K_N$ is the shared key, $SK_N$ is the private key generated by the first node, $ID_K$ is the identity information of the second node, and $h(ID_K)$ is the hash value obtained by the PGC performing a hash operation on $ID_K$.
9. A key generation center, characterized by comprising:
a receiving module, configured to receive the key generation request message sent by a node;
a private message generation module, configured to generate, when the receiving module receives the key generation request message, the private message $Q_{ID}$ corresponding to the node according to the identity information of the node and the system master key;
an encryption module, configured to encrypt the private message $Q_{ID}$ generated by the private message generation module;
a sending module, configured to send the private message $Q_{ID}$ encrypted by the encryption module to the node.
10. The key generation center of claim 9, characterized in that the encryption module encrypts the private message $Q_{ID}$ specifically as follows:
according to the stored auxiliary information of the first node and the system master key, it generates a first key for encrypting the private message $Q_{ID}$ and encrypts the private message $Q_{ID}$ with this first key, the auxiliary information of the first node being determined from the first system parameter and the second random number generated by the first node.
11. The key generation center of claim 10, characterized in that the encryption module generates the first key specifically as follows:
the first key is obtained by the following formula:
$SK_{PGC} = s \cdot AS_N \Rightarrow SK_{PGC} = s \cdot (d'_N \cdot p)$
where $SK_{PGC}$ is the first key generated by the PGC, $s$ is the system master key, $AS_N$ is the auxiliary information of the first node, $d'_N$ is the second random number, and $p$ is the first system parameter.
12. A node, characterized by comprising:
a sending module, configured to send a key request message to a key generation center PGC;
a receiving module, configured to receive the private message $Q_{ID}$ corresponding to the node that is sent by the PGC;
a decryption module, configured to decrypt the private message $Q_{ID}$ received by the receiving module;
a private key generation module, configured to generate the private key corresponding to the node according to the private message $Q_{ID}$ obtained by the decryption module and the first random number generated by the node itself;
a shared key generation module, configured to generate, when communicating with a second node, the shared key with which the node and the second node communicate, according to the private key generated by the private key generation module and the identity information of the second node.
13. The node of claim 12, characterized in that the decryption module decrypts the private message $Q_{ID}$ specifically as follows: according to the second random number generated by the node and the second system parameter, it generates a second key for decrypting the private message $Q_{ID}$ and decrypts the private message $Q_{ID}$ with this second key.
14. The node of claim 13, characterized in that the decryption module generates the second key specifically as follows:
the second key is obtained by the following formula:
$SK_N = d'_N \cdot p_{pub}$
where $SK_N$ is the second key generated by the node, $d'_N$ is the second random number, and $p_{pub}$ is the second system parameter.
15. The node of any one of claims 12 to 14, characterized by further comprising:
a judging module, configured to determine, according to the identity information of the first node, the second system parameter and the first system parameter, whether the private message $Q_{ID}$ obtained by the decryption module was issued by the PGC;
the sending module is further configured to send the key request message to the PGC again when the judging module judges that the private message $Q_{ID}$ was not issued by the PGC.
16. A system for establishing a shared key, characterized by comprising:
a key generation center PGC, configured to receive the key request message sent by a first node; to generate a private message $Q_{ID}$ for the first node according to the identity information of the first node and the system master key; and to encrypt this private message $Q_{ID}$ and send it to the first node;
the first node, configured to decrypt the received private message $Q_{ID}$ and to generate the private key corresponding to the first node according to the decrypted private message $Q_{ID}$ and the first random number generated by the first node itself; and, when communicating with a second node, to generate the shared key with which the first node and the second node communicate according to the private key and the identity information of the second node.
17. The system of claim 16, characterized in that the PGC encrypts the private message $Q_{ID}$ specifically as follows:
the PGC generates, according to the stored auxiliary information of the first node and the system master key, a first key for encrypting $Q_{ID}$, and encrypts the private message $Q_{ID}$ with this first key;
the first node decrypts the received encrypted private message $Q_{ID}$ specifically as follows:
the first node generates, according to the second random number it generated itself and the second system parameter, a second key for decrypting the private message $Q_{ID}$, and decrypts the private message $Q_{ID}$ with this second key, the auxiliary information of the first node being determined from the first system parameter and the second random number generated by the first node.
18. The system of claim 17, characterized in that the first node is further configured to determine, before generating the private key, according to the identity information of the first node, the second system parameter and the first system parameter, whether the decrypted $Q_{ID}$ was issued by the PGC, and, if it was not issued by the PGC, to end the procedure or send the key request message to the PGC again.
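The relations in claims 3, 5, 6 and 7 can be exercised end to end. The following Python model is an added example, not code from the patent: it issues an encrypted $Q_{ID}$, derives the first and second keys on each side, runs the claim 6 check, and re-requests on failure as in claim 4. Assumptions not taken from the patent text: the products "scalar · element" are modelled as modular exponentiation in a toy group, $p_{pub} = s \cdot p$, $AS_N$ travels with the request, the cipher is a SHA-256-derived XOR pad, and all class and function names are hypothetical.

```python
"""Toy model of the PGC/node exchange (added example, not the patent's code).

ASSUMPTIONS (not from the patent): "scalar . element" products are modelled
as modular exponentiation in Z_M^*, p_pub = s . p, AS_N travels with the
request, and Q_ID is encrypted with a SHA-256-derived XOR pad.
"""
import hashlib
import secrets

M = 2**127 - 1      # Mersenne prime; toy group Z_M^*
ORDER = M - 1       # exponents are reduced modulo the group order
P = 3               # first system parameter p (toy base element)


def mul(scalar, element):
    """Model of 'scalar . element' in the formulas: element**scalar mod M."""
    return pow(element, scalar, M)


def h(identity):
    """h(ID): hash of the identity, mapped to a non-zero exponent."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (ORDER - 1) + 1


def pad(key_element):
    """128-bit XOR pad derived from a transport key (stand-in cipher)."""
    raw = hashlib.sha256(key_element.to_bytes(16, "big")).digest()
    return int.from_bytes(raw[:16], "big")


class PGC:
    def __init__(self):
        self.s = secrets.randbelow(ORDER - 2) + 2   # system master key s
        self.p_pub = mul(self.s, P)                 # second system parameter

    def issue(self, identity, as_n):
        q_id = (self.s * h(identity)) % ORDER       # Q_ID = s . h(ID)
        sk_pgc = mul(self.s, as_n)                  # SK_PGC = s . AS_N
        return q_id ^ pad(sk_pgc)                   # encrypted Q_ID


class Node:
    def __init__(self, identity, p_pub):
        self.identity, self.p_pub = identity, p_pub
        self.d2 = None      # second random number d'_N
        self.q_id = None    # accepted private message

    def request(self):
        self.d2 = secrets.randbelow(ORDER - 2) + 2
        return mul(self.d2, P)                      # AS_N = d'_N . p

    def receive(self, ciphertext):
        sk_n = mul(self.d2, self.p_pub)             # SK_N = d'_N . p_pub
        q_id = ciphertext ^ pad(sk_n)
        # Claim 6 check: Q_ID . p == h(ID) . p_pub
        ok = mul(q_id, P) == mul(h(self.identity), self.p_pub)
        if ok:
            self.q_id = q_id
            self.d2 = None                          # claim 7: destroy d'_N
        return ok


def obtain(node, pgc, channel=lambda c: c, attempts=3):
    """Request Q_ID, asking again while the check fails (claim 4).

    Returns the number of requests used, or 0 if every attempt was rejected.
    """
    for attempt in range(1, attempts + 1):
        as_n = node.request()
        if node.receive(channel(pgc.issue(node.identity, as_n))):
            return attempt
    return 0


if __name__ == "__main__":
    pgc = PGC()
    node = Node("node-A", pgc.p_pub)                # constructed identity
    print("accepted after", obtain(node, pgc), "request(s)")
    victim = Node("node-A", pgc.p_pub)
    print("tampered channel:", obtain(victim, pgc, lambda c: c ^ 1))
```

Because the stand-in cipher is unauthenticated, the claim 6 equation is the only thing that catches a modified ciphertext in this model, which is why the node keeps $d'_N$ until the check passes.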
CN2010102400960A 2010-07-28 2010-07-28 Method, equipment and system thereof for establishing shared key Expired - Fee Related CN101908959B (en)


Publications (2)

Publication Number Publication Date
CN101908959A true CN101908959A (en) 2010-12-08
CN101908959B CN101908959B (en) 2012-08-22

Family

ID=43264286


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden

Patentee after: BEIJING WATCHDATA Co.,Ltd.

Address before: 100015 Beijing city Chaoyang District Dongzhimen West eight Street No. 2 room Wanhong Yan Dong Business Garden

Patentee before: BEIJING WATCH DATA SYSTEM Co.,Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120822

Termination date: 20210728