CN101977198A - Inter-domain authentication and key negotiation method - Google Patents

Abstract

The invention relates to an inter-domain authentication and key negotiation method, which aims to solve the problems that the reliability of representative nodes of domains cannot be guaranteed and the efficiency of the key negotiation is low during the negotiation of a shared key in the prior art. A physical network for communication among nodes is converted into a logic network for inter-domain communication, and a shared key negotiation mechanism which takes the representative nodes in the domains as a center and in which ordinary nodes participate. The method comprises the following four steps of: a registering process, a communication process, a calculation process and the distribution of an intra-domain shared key, wherein in the register process, all nodes for the communication in the two domains register with a credible third party to acquire system public parameters and a node private key; in the communication process, the representative nodes of the domains calculate a temporary public key set of the domains by using the public parameters and send the temporary public key set to the opposite domain; in the calculation process, the representative nodes of the domains receive the temporary public key set sent by the opposite domain, and perform information interaction with all intra-domain ordinary nodes to calculate an inter-domain shared key; and in the distribution process of the intra-domain shared key, after acquiring the inter-domain shared key through calculation, the representative nodes distribute the inter-domain shared key to all intra-domain nodes, so that all nodes, which need to perform the communication, of the two domains acquire the shared key K.

Description

Authentication and cryptographic key negotiation method between the territory

Technical field

The invention belongs to the network security technology field, relate in the network service the not mutual authentication between the same area and the safe practice of negotiating about cipher key shared.Based on encryption mechanism, proposed to authenticate and set up the method for sharing key between two territories based on attribute.

Background technology

In network service, the user between the same area often need not communicate.For guaranteeing between the user can secure exchange information, need between communicating pair, carry out authentication and set up shared session key, except cipher key interaction agreement based on PKIX PKI (Public Key Infrastructure), two side's IKEs based on identity also are the methods that often adopts, and can realize this demand for security.

Document " Two-Party Attribute-based Key Agreement Protocol in the Standard Model.International Symposium on Information Processing; August 21-23; 2009; 325-328 " has proposed a kind of two side's IKEs based on attribute, the main thought of this method is: read two sides' attribute information from trusted third party after, picked at random satisfies the polynomial computation of certain condition and the initial parameter of system is set, and utilizes this multinomial and user property collection can calculate user's sets of private keys.In cipher key agreement process, A selects a random number and utilizes the property set of open parameter of set system and B to calculate, but obtain a public information and send to B, B uses the sets of private keys of oneself and shines upon computation key by bilinearity after receiving this public information, in like manner A side utilizes public information that B side sends and the sets of private keys computation key of oneself, thereby both sides can successfully obtain a shared key.This method is directly used in authentication and key agreement existing problems between the territory, two territories of negotiating about cipher key shared just authenticate negotiation between the representation node in two territories, do not consider the integrity problem of representation node, so just give assailant's opportunity, can not effectively guarantee the fail safe of system; If will realize the Authentication and Key Agreement of all nodes in two territories, just need carry out in two territories the node number secondary key that multiplies each other consults, obviously reduced entire system efficient, especially when in the territory great deal of nodes being arranged, this can greatly increase the amount of calculation of key agreement.

Summary of the invention

Purpose of the present invention: in order to overcome reliability and the inefficient technical problem of key agreement that prior art can not ensure the representation node in territory when the negotiating about cipher key shared, the present invention proposes between a kind of territory authentication and cryptographic key negotiation method, allow in the arranging key process ordinary node also participates in negotiations process in the territory.The representation node in territory will carry out information interaction with the territory interior nodes in negotiations process, thereby makes territory interior nodes fellowship consult effectively to have ensured between the territory key agreement between authentication and reliable territory; After sharing the key agreement success, carry out secure distribution by representation node ordinary node in the territory, thereby all nodes have all obtained shared session key in the territory.This has not only guaranteed the fail safe of network service, and has improved the network service whole efficiency.

Authentication and cryptographic key negotiation method between the territory that the present invention proposes are converted to the logical network of communicating by letter between territory and the territory with the physical network of communicating by letter between the node, and setting up with representation node in the territory is the key agreement mechanism of center, ordinary node fellowship.So-called " territory " is exactly the set that all nodes in the representation node compass of competency form, and comprises representation node and ordinary node in the territory.Described representation node, the node of electing out by the territory interior nodes has only a representation node in each territory exactly, be mainly used between the territory and the territory in the forwarding of network data, realization network service.

For basic principle of the present invention is described, any two territory D1 and D2 that the present invention chooses in the network narrate its process.Authentication and cryptographic key negotiation method comprise shared key distribution process in registration process, communication process, computational process and the territory between the territory that the present invention proposes:

1) registration process

Territory D ₁In all nodes register to the TTP of trusted third party, concrete steps are as follows:

The first step: territory D ₁In all nodes node A that elects a deputy at random ₀, A then ₀Collect territory D ₁In the information of all nodes, the set of structure key application information

Gather with identity information And transmission message

Give TTP;

Second step: TTP receives territory D ₁The message of sending After, one group of random number t of picked at random ₀, t ₁..., t _i..., t _n∈ Z ^* _qWith satisfy f ₁(0)=(d-1) inferior (d is an integer, is the security parameter that sets in advance) polynomial f of y ₁And calculate open parameter (x),

Y=e (g, g) ^yThe private key of (y is the private key of TTP) and each node

Send message by safe lane then

Give territory D ₁Middle corresponding node A _i(i=0,1 ..., n);

Territory D ₂In all nodes register to the TTP of trusted third party, concrete steps are as follows:

The first step: territory D ₂In all nodes Node B that elects a deputy at random ₀, B then ₀Collect territory D ₂In the information of all nodes, the set of structure key application information

Gather with identity information

And transmission message

Give TTP;

Second step: TTP receives territory D ₂The information of sending

After, one group of random number l of picked at random ₀, l ₁..., l _j..., l _m∈ Z ^* _qWith satisfy f ₂(0)=(d-1) inferior (d is an integer, is the security parameter that sets in advance) polynomial f of y ₂And calculate open parameter (x),

Y=e (g, g) ^yThe private key of (y is the private key of TTP) and each node

Send message by safe lane then

Give territory D ₂Middle corresponding Node B _j(j=0,1 ..., m);

2) communication process

2.1) territory D ₁In representation node A ₀Random number x of picked at random _a∈ Z ^* _q, computational fields D ₁Interim public key sets

Then with territory D ₁Interim public key sets

Send to territory D ₂In representation node B ₀

2.2) territory D ₂In representation node B ₀Random number x of picked at random _b∈ Z ^* _q, computational fields D ₂Interim public key sets

Then with territory D ₂Interim public key sets

Send to territory D ₂Representation node A ₀

3) computational process

Territory D ₁Other node is carried out following process in interior representation node and the territory:

The first step: territory D ₁In representation node A ₀Receive territory D ₂In representation node B ₀The interim public key sets of sending

After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₁Interior i (i=1,2 ..., n) individual node A _iReceive representation node A ₀The territory D that sends ₂Interim public key sets

After, utilize oneself private key

Calculate the shared Sub key And from node A _iWith node A ₀Shared key

Derived cipher key With the completeness check key

The 3rd step: node A _iUse encryption key

Encrypt the shared Sub key

Obtain ciphertext

And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to representation node A ₀

The 4th step: representation node A ₀Receive node A _iThe message of sending

After, from node A ₀With node A _iShared key

Derive decruption key

With the completeness check key

The 5th step: representation node A ₀Use the integrality check key

To the message that receives

Recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives With calculate Whether equate.If unequal, then abandon this message; If equate, then use decruption key

To cipher-text information

Be decrypted and obtain node A _iThe shared Sub key that calculates

The 6th step: representation node A ₀Receive that the message that each node is sent in the territory successfully obtains (d-1) individual shared Sub key, and calculate the shared Sub key Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_1,D_2}={\left(\underset{i\∈D_1}{\mathrm{\Π}}e{(A_{B_j},{\mathrm{sk}}_{A_i})}^{{\mathrm{\Δ}}_{i,D_1}\left(0\right)}\right)}^{x_a}={\left(e(g,g)\right)}^{f_1\left(0\right)x_a{x}_b}=Y^{x_a{x}_b}.$

Territory D ₂Other node is carried out following process in interior representation node and the territory:

The first step: territory D ₂In representation node B ₀Receive territory D ₁In representation node A ₀The interim public key sets of sending After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₂Interior j (j=1,2 ..., m) individual Node B _jReceive representation node B ₀The territory D that sends ₁Public key sets

After, utilize oneself private key Calculate the shared Sub key

And from Node B _jWith Node B ₀Shared key

Derived cipher key With the completeness check key

The 3rd step: Node B _jUse encryption key

Encrypt the shared Sub key

Obtain ciphertext And use the integrality check key

Calculate message

Completeness check code

Then with message Send to representation node B ₀

The 4th step: representation node B ₀Receive Node B _jThe message of sending

After, from Node B ₀With Node B _jShared key

Derive decruption key

With the completeness check key

The 5th step: representation node B ₀Use the integrality check key

To the message that receives

Recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives

With calculate Whether equate.If unequal, then abandon this message; If equate, then use decruption key

To cipher-text information

Be decrypted and obtain Node B _jThe shared Sub key that calculates

The 6th step: representation node B ₀Receive that the message that the territory interior nodes is sent successfully obtains (d-1) individual shared Sub key, and calculate the shared Sub key

Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_2,D_1}={\left(\underset{j\∈D_2}{\mathrm{\Π}}e{(A_{A_i},{\mathrm{sk}}_{B_j})}^{{\mathrm{\Δ}}_{j,D_2}\left(0\right)}\right)}^{x_b}={\left(e(g,g)\right)}^{f_2\left(0\right)x_a{x}_b}=Y^{x_a{x}_b}.$

4) share the key distribution process in the territory

Territory D ₁Representation node A ₀Calculate and obtain territory D ₁With territory D ₂Shared key

After, carry out following steps:

The first step: territory D ₁Representation node A ₀Utilize and node A _i(i=1,2 ..., the n) encryption key that goes out of the shared key derivation between

Encrypt and share key

Obtain cipher-text message And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to i node A in the territory _i

Second step: territory interior nodes A _iReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives With calculate

Whether equate.If unequal, then abandon this message; If equate, then use node A _iWith representation node A ₀Between the decruption key that goes out of shared key derivation

Deciphering

Obtain territory D ₁With territory D ₂Shared key

Territory D ₂Representation node B ₀Calculate and obtain territory D ₂With territory D ₁Shared key

After, carry out following steps:

The first step: representation node B ₀Utilize and Node B _j(j=1,2 ..., the n) encryption key that goes out of the shared key derivation between

Encrypt and share key

Obtain cipher-text message

And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to j Node B in the territory _j

Second step: territory interior nodes B _jReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check code that relatively receives With calculate

Whether equate.If unequal, then abandon this message; If equate, then use Node B _jWith representation node B ₀Between the decruption key that goes out of shared key derivation

Deciphering

Obtain territory D ₁With territory D ₂Shared key

The beneficial effect that the present invention compared with prior art has:, ensured effectively between the territory that the safety of authentication and key agreement realizes by authentication and cryptographic key negotiation method between the territory.The territory interior nodes participates in consulting having overcome that traditional two sides authentication and key agreement carry out and the shortcoming that can not ensure the reliability of representation node between two representation nodes.Feasible authentication of the information interaction of ordinary node and key agreement are safe and reliable in representation node that this method proposes and the territory, between the territory after the representation node negotiating about cipher key shared success, transmit by representation node ordinary node in the territory, thereby all nodes have all obtained shared session key in the territory, and this has improved the fail safe and the communication efficiency of the whole system of network service effectively.

Description of drawings

Fig. 1. the flow chart of authentication and cryptographic key negotiation method between the territory

Explanation of nouns:

TTP: trusted third party;

Q: the big prime number that trusted third party chooses;

Y: the private key that trusted third party chooses;

G ₁: the q rank module that TTP chooses;

G ₂: the q rank multiplicative group that TTP chooses;

Multiplicative group based on prime number q;

G: the G that trusted third party chooses ₁Generator;

E: trusted third party chooses G ₁And G ₂On bilinear transformation, i.e. e:G ₁* G ₁→ G ₂

Territory D ₁In all nodes send to the cipher key request information set of TTP;

Territory D ₁In the identity information set of all nodes;

Territory D ₂In all nodes send to the cipher key request information set of TTP;

Territory D ₂In the identity information set of all nodes;

D: the threshold value of calculating the shared Sub key number of sharing the required territory interior nodes calculating of key;

f ₁(x): satisfy f ₁(0)=the d-1 order polynomial of y;

f ₂(x): satisfy f ₂(0)=the d-1 order polynomial of y;

Territory D ₁In the private key of i node;

Territory D ₂In the private key of j node;

x _a: representation node A ₀A selected random number;

x _b: representation node B ₀A selected random number;

Representation node A ₀The territory D that calculates ₁Interim public key sets;

Representation node B ₀The territory D that calculates ₂Interim public key sets;

Territory D ₁In the interim PKI of i node;

Territory D ₂In the interim PKI of j node;

K _{A, b}: the shared key in the territory between node a and the b;

KE _{A, b}: the encryption key that the shared key in the territory between node a and the b is derived;

KI _{A, b}: the completeness check key that the shared key in the territory between node a and the b is derived;

Node A in the computational process _iSend to representation node A ₀The completeness check code of message;

Representation node A in the computational process ₀Checking node A _iThe completeness check code that the message of sending is calculated;

Node B in the computational process _jSend to representation node B ₀The completeness check code of message;

Representation node B in the computational process ₀The checking Node B _jThe completeness check code that the message of sending is calculated;

Share representation node A in the key distribution in the territory ₀Send to node A _iThe completeness check code of message;

Share node A in the key distribution in the territory _iChecking representation node A ₀The completeness check code that the message of sending is calculated;

Share representation node B in the key distribution in the territory ₀Send to Node B _jThe completeness check code of message;

Share Node B in the key distribution in the territory _jChecking representation node B ₀The completeness check code that the message of sending is calculated;

E _x(s): plaintext s is encrypted with key x;

D _y(c): ciphertext c is deciphered with key y;

Lagrange interpolation coefficient;

Territory D ₁With territory D ₂The shared key of consulting;

Embodiment

Authentication and cryptographic key negotiation method between the territory that the present invention proposes, the physical network of communicating by letter between the node is converted to the logical network of communicating by letter between territory and the territory, in the territory of wanting to communicate after trusted third party registration, only do not need once communication between same area negotiating about cipher key shared territory, just can make in the territory the required shared key of secure communication between all nodes acquisition territories by the information interaction between representation node in the territory and the ordinary node then.

Accompanying drawing 1 has provided between territory of the present invention the flow chart of authentication and cryptographic key negotiation method, territory D ₁Xuan Ju representation node is A at random ₀, territory D ₂Xuan Ju representation node is B at random ₀, a complete procedure of the Authentication and Key Agreement that carries out between them will be described below.

1) trusted third party sets up system parameters:

Trusted third party chooses the cyclic group (G on two q rank ₁,+) and (G ₂), wherein q is big prime number; G is G ₁Generator; Make that e is G ₁And G ₂On bilinear transformation, i.e. e:G ₁* G ₁→ G ₂

2) want the territory D that communicates ₁With territory D ₂Carry out following registration process with the TTP of trusted third party:

The territory _DAll nodes in 1 are as follows to the concrete steps that the TTP of trusted third party registers:

The first step: territory D ₁In all nodes (supposing to have n+1 node) node A at random elects a deputy ₀, representation node A ₀To territory D ₁In all nodes send the information of inquiring after, and collect territory D ₁In the information of all nodes, the set of structure key application information Gather with identity information

Send message then Give TTP;

Second step: TTP receives territory D ₁The message of sending

And after this message verified, one group of random number t of picked at random ₀, t ₁..., t _i..., t _n∈ Z ^* _qWith satisfy f ₁(0)=(d-1) inferior (d is an integer, is the security parameter that sets in advance) polynomial f of y ₁And calculate open parameter (x), Y=e (g, g) ^yThe private key of (y is the private key of TTP) and each node

Send message by safe lane then

Give territory D ₁Middle corresponding node A _i(i=0,1 ..., n);

Territory D ₂In all nodes as follows to the concrete steps that the TTP of trusted third party registers:

The first step: territory D ₂In all nodes (supposing to have m+1 node) Node B at random elects a deputy ₀, representation node B ₀To territory D ₂In all nodes send the information of inquiring after, and collect territory D ₂In the information of all nodes, the set of structure key application information

Gather with identity information

Send message then

Second step: TTP receives territory D ₂The information of sending and this information verified after, one group of random number l of picked at random ₀, l ₁..., l _j..., l _m∈ Z ^* _qWith satisfy f ₂(0)=(d-1) inferior (d is an integer, is the security parameter that sets in advance) polynomial f of y ₂And calculate open parameter (x),

Y=e (g, g) ^yThe private key of (y is the private key of TTP) and each node

Send message by safe lane then

Give territory D ₂Middle corresponding Node B _j(j=0,1 ..., m);

3) territory D ₁With territory D ₂After succeeding in registration, the TTP of trusted third party carries out following communication process:

3.1) territory D ₁In representation node A ₀Random number x of picked at random _a∈ Z ^* _q, computational fields D ₁Interim public key sets

Then with territory D ₁Interim public key sets

Send to territory D ₂In representation node B ₀

3.2) territory D ₂In representation node B ₀Random number x of picked at random _b∈ Z ^* _q, computational fields D ₂Interim public key sets

Then with territory D ₂Interim public key sets Send to territory D ₂Representation node A ₀

4) territory D ₁With territory D ₂In representation node receive and carry out following computational process after the public key sets that the other side's representation node sends:

Territory D ₁Ordinary node is carried out following process in interior representation node and the territory:

The first step: territory D ₁In representation node A ₀Receive territory D ₂In representation node B ₀The interim public key sets of sending

After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₁Interior i (i=1,2 ..., n) individual node A _iReceive representation node A ₀The territory D that sends ₂Interim public key sets

After, utilize oneself private key

Calculate the shared Sub key

And from node A _iWith node A ₀Shared key

Derived cipher key

With the completeness check key

The 3rd step: node A _iUse encryption key

Encrypt the shared Sub key

Obtain ciphertext

And use the integrality check key

Calculate message Completeness check code Then with message

Send to representation node A ₀

The 4th step: representation node A ₀Receive node A _iThe message of sending

After, from node A ₀With node A _iShared key

Derive decruption key

With the completeness check key

The 5th step: representation node A ₀Use the integrality check key

To the message that receives

Recomputate the message integrity check sign indicating number And the message integrity check sign indicating number that relatively receives

With calculate

Whether equate.If unequal, then abandon this message; If equate, then use decruption key

To cipher-text information

Be decrypted and obtain node A _iThe shared Sub key that calculates

The 6th step: representation node A ₀Receive that the message that each node is sent in the territory successfully obtains (d-1) individual shared Sub key, and calculate the shared Sub key

Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_1,D_2}={\left(\underset{i\∈D_1}{\mathrm{\Π}}e{(A_{B_j},{\mathrm{sk}}_{A_i})}^{{\mathrm{\Δ}}_{i,D_1}\left(0\right)}\right)}^{x_a}={\left(e(g,g)\right)}^{f_1\left(0\right)x_a{x}_b}=Y^{x_a{x}_b}.$

Territory D ₂Ordinary node is carried out following process in interior representation node and the territory:

The first step: territory D ₂In representation node B ₀Receive territory D ₁In representation node A ₀The interim public key sets of sending

After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₂Interior j (j=1,2 ..., m) individual Node B _jReceive representation node B ₀The territory D that sends ₁Public key sets

After, utilize oneself private key

Calculate the shared Sub key

And from Node B _jWith Node B ₀Shared key

Derived cipher key With the completeness check key

The 3rd step: Node B _jUse encryption key

Encrypt the shared Sub key

Obtain ciphertext

And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to representation node B ₀

The 4th step: representation node B ₀Receive Node B _jThe message of sending After, from Node B ₀With Node B _jShared key

Derive decruption key

With the completeness check key

The 5th step: representation node B ₀Use the integrality check key

To the message that receives

Recomputate the message integrity check sign indicating number And the message integrity check sign indicating number that relatively receives

With calculate

Whether equate.If unequal, then abandon this message; If equate, then use decruption key To cipher-text information

Be decrypted and obtain Node B _jThe shared Sub key that calculates

The 6th step: representation node B ₀Receive that the message that the territory interior nodes is sent successfully obtains (d-1) individual shared Sub key, and calculate the shared Sub key

Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_2,D_1}={\left(\underset{j\∈D_2}{\mathrm{\Π}}e{(A_{A_i},{\mathrm{sk}}_{B_j})}^{{\mathrm{\Δ}}_{j,D_2}\left(0\right)}\right)}^{x_b}={\left(e(g,g)\right)}^{f_2\left(0\right)x_a{x}_b}=Y^{x_a{x}_b}.$

5) territory D ₁With territory D ₂The process of the shared key of all node distributions is as follows in the territory:

Territory D ₁Representation node A ₀Calculate and obtain territory D ₁With territory D ₂Shared key

Afterwards, carry out following steps:

The first step: territory D ₁Representation node A ₀Utilize and node A _i(i=1,2 ..., the n) encryption key that goes out of the shared key derivation between

Encrypt and share key Obtain cipher-text message

And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to i node A in the territory _i

Second step: territory interior nodes A _iReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives

With calculate

Whether equate.If unequal, then abandon this message; If equate, then use node A _iWith representation node A ₀Between the decruption key that goes out of shared key derivation Deciphering

Obtain territory D ₁With territory D ₂Shared key

Territory D ₂Representation node B ₀Calculate and obtain territory D ₂With territory D ₁Shared key

Afterwards, carry out following steps:

The first step: representation node B ₀Utilize and Node B _j(j=1,2 ..., the n) encryption key that goes out of the shared key derivation between Encrypt and share key

Obtain cipher-text message And use the integrality check key

Calculate message Completeness check code Then with message

Send to j Node B in the territory _j

Second step: territory interior nodes B _jReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check code that relatively receives

With calculate

Whether equate.If unequal, then abandon this message; If equate, then use Node B _jWith representation node B ₀Between the decruption key that goes out of shared key derivation

Deciphering

Obtain territory D ₁With territory D ₂Shared key

By authentication and cryptographic key negotiation method between the territory of carrying out the present invention's proposition, want the territory D that communicates by letter ₁With territory D ₂In all nodes all obtained shared key K.

Claims (5)

1. authenticate and cryptographic key negotiation method between the territory, authentication and negotiating about cipher key shared between the territory that is used to want to communicate, it is characterized in that: the physical network of communicating by letter between the node is converted to the logical network of communicating by letter between territory and the territory, foundation is the shared key agreement mechanism of center, ordinary node fellowship with representation node in the territory, and this method comprises four steps:

1.1) registration process: two territory D that communicate ₁And D ₂, all nodes are registered to trusted third party in the territory, open parameter of acquisition system and node private key;

1.2) communication process: after registration is passed through, the interim public key sets in the open calculation of parameter territory of the representation node utilization in territory, and send to the other side territory;

1.3) computational process: the representation node in territory carries out information interaction with ordinary node in the territory after receiving the interim public key sets that the representation node in the other side territory sends, and calculates the inter-domain sharing key;

1.4) share key distribution in the territory: after representation node calculated and obtains the inter-domain sharing key, all nodes were distributed in the territory, made that all nodes all obtain to share session key in the territory.

2. authentication and cryptographic key negotiation method is characterized in that: two territory D that communicate between territory according to claim 1 ₁And D ₂The registration process step as follows:

2.1 territory D ₁In all nodes register to the TTP of trusted third party, concrete steps are as follows:

The first step: territory D ₁In all nodes node A that elects a deputy at random ₀, A then ₀Collect territory D ₁In the information of all nodes, the set of structure key application information

Gather with identity information

And transmission message

Give the TTP of trusted third party;

Second step: the TTP of trusted third party receives territory D ₁The message of sending

After, one group of random number t of picked at random ₀, t ₁.., t _i..., t _n∈ Z ^* _qWith satisfy f ₁(0)=the d-1 order polynomial f of y ₁(x), " d is an integer, is the security parameter that sets in advance " calculates open parameter

Y=e (g, g) ^yThe private key of " y is the private key of TTP " and each node

Send message by safe lane then

Give territory D ₁Middle corresponding node A _i, i=0,1 ..., n;

2.2 territory D ₂In all nodes register to the TTP of trusted third party, concrete steps are as follows:

The first step: territory D ₂In all nodes Node B that elects a deputy at random ₀, B then ₀Collect territory D ₂In the information of all nodes, the set of structure key application information Gather with identity information

And transmission message Give the TTP of trusted third party;

Second step: the TTP of trusted third party receives territory D ₂The information of sending After, one group of random number l of picked at random ₀, l ₁..., l _j..., l _m∈ Z ^* _qWith satisfy f ₂(0)=the d-1 order polynomial f of y ₂(x), " d is an integer, is the security parameter that sets in advance ", and calculate open parameter

Y=e (g, g) ^yThe private key of " y is the private key of TTP " and each node

Send message by safe lane then

Give territory D ₂Middle corresponding Node B _j, " j=0,1 ..., m ".

3. authentication and cryptographic key negotiation method is characterized in that: territory D between territory according to claim 1 ₁With territory D ₂Between the communication process step as follows:

3.1 territory D ₁In representation node A ₀Random number x of picked at random _a∈ Z ^* _q, computational fields D ₁Interim public key sets Then with territory D ₁Interim public key sets

Send to territory D ₂In representation node B ₀

3.2 territory D ₂In representation node B ₀Random number x of picked at random _b∈ Z ^* _q, computational fields D ₂Interim public key sets

Then with territory D ₂Interim public key sets

Send to territory D ₂Representation node A ₀

4. authentication and cryptographic key negotiation method between territory according to claim 1, it is characterized in that: ordinary node carries out information interaction in the representation node in territory and the territory, and the process steps of calculating the inter-domain sharing key is as follows:

4.1 territory D ₁Other node is carried out following steps in interior representation node and the territory:

The first step: territory D ₁In representation node A ₀Receive territory D ₂In representation node B ₀The interim public key sets of sending After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₁Interior i node A _i, " i=1,2 ..., n ", receive representation node A ₀The territory D that sends ₂Interim public key sets

After, utilize oneself private key

Calculate the shared Sub key And from node A _iWith representation node A ₀Shared key

Derived cipher key

With the completeness check key

The 3rd step: node A _iUse encryption key Encrypt the shared Sub key

Obtain ciphertext

And use the integrality check key Calculate message

Completeness check code

Then with message

Send to representation node A ₀

The 4th step: representation node A ₀Receive node A _iThe message of sending After, from representation node A ₀With node A _iShared key

Derive decruption key

With the completeness check key

The 5th step: representation node A ₀Use the integrality check key To the message that receives

Recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives

With calculate Whether equate,, then abandon this message if unequal; If equate, then use decruption key

To cipher-text information Be decrypted and obtain node A _iThe shared Sub key that calculates

The 6th step: representation node A ₀Receive that the message that each node is sent in the territory successfully obtains d-1 shared Sub key, and calculate the shared Sub key

Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_1,D_2}={\left(\underset{i\∈D_1}{\mathrm{\Π}}e{(A_{B_j},{\mathrm{sk}}_{A_i})}^{{\mathrm{\Δ}}_{i,D_1}\left(0\right)}\right)}^{x_a}={\left(e(g,g)\right)}^{f_1\left(0\right)x_a{x}_b}=Y^{x_a{x}_b};$

4.2 territory D ₂Other node is carried out following steps in interior representation node and the territory:

The first step: territory D ₂In representation node B ₀Receive territory D ₁In representation node A ₀The interim public key sets of sending

After, the interim public key sets of other node broadcasts in the territory

Second step: territory D ₂Interior j Node B _j, " j=1,2 ..., m ", receive representation node B ₀The territory D that sends ₁Public key sets

After, utilize oneself private key

Calculate the shared Sub key

And from Node B _jWith representation node B ₀Shared key

Derived cipher key

With the completeness check key

The 3rd step: Node B _jUse encryption key Encrypt the shared Sub key Obtain ciphertext

And use the integrality check key

Calculate message

Completeness check code

Then with message

Send to representation node B ₀

The 4th step: representation node B ₀Receive Node B _jThe message of sending

After, from representation node B ₀With Node B _jShared key

Derive decruption key

With the completeness check key

The 5th step: representation node B ₀Use the integrality check key

To the message that receives

Recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives With calculate

Whether equate,, then abandon this message if unequal; If equate, then use decruption key

To cipher-text information

Be decrypted and obtain Node B _jThe shared Sub key that calculates

The 6th step: representation node B ₀Receive that the message that the territory interior nodes is sent successfully obtains d-1 shared Sub key, and calculate the shared Sub key

Then by this d shared Sub cipher key calculation territory D ₁With territory D ₂Shared key $K_{D_2,D_1}={\left(\underset{j\∈D_2}{\mathrm{\Π}}e{(A_{A_i},{\mathrm{sk}}_{B_j})}^{{\mathrm{\Δ}}_{j,D_2}\left(0\right)}\right)}^{x_b}={\left(e(g,g)\right)}^{f_2\left(0\right)x_a{x}_b}=Y^{x_a{x}_b}.$

5. authentication and cryptographic key negotiation method between territory according to claim 1 is characterized in that: after representation node calculated and obtains the inter-domain sharing key in the territory, the step of carrying out shared key distribution in the territory was as follows:

5.1 territory D ₁Representation node A ₀Calculate and obtain territory D ₁With territory D ₂Shared key

After, carry out following steps:

The first step: territory D ₁Representation node A ₀Utilize and node A _i" i=1,2 ..., n " between the encryption key that goes out of shared key derivation

Encrypt and share key

Obtain cipher-text message

And use the integrality check key

Calculate message Completeness check code

Then with message

Send to i node A in the territory _i

Second step: territory interior nodes A _iReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check sign indicating number that relatively receives

With calculate Whether equate,, then abandon this message if unequal; If equate, then use node A _iWith representation node A ₀Between the decruption key that goes out of shared key derivation

Deciphering

Obtain territory D ₁With territory D ₂Shared key

5.2 territory D ₂Representation node B ₀Calculate and obtain territory D ₂With territory D ₁Shared key

After, carry out following steps:

The first step: representation node B ₀Utilize and Node B _j" j=1,2 ..., n " between the encryption key that goes out of shared key derivation

Encrypt and share key

Obtain cipher-text message

And use the integrality check key Calculate message

Completeness check code Then with message

Send to j Node B in the territory _j

Second step: territory interior nodes B _jReceive message

After recomputate the message integrity check sign indicating number

And the message integrity check code that relatively receives

With calculate

Whether equate,, then abandon this message if unequal; If equate, then use Node B _jWith representation node B ₀Between the decruption key that goes out of shared key derivation

Deciphering

Obtain territory D ₁With territory D ₂Shared key

Images