A method for multiple combination keys
Technical field
The invention belongs to the field of network information security and relates to a key combination method which, applied under the Combined Public Key (CPK) system, effectively protects the user's private key.
Background technology
Public Key Infrastructure (PKI), the largest engineering application of cryptography to date, has reached into every aspect of the networked world. PKI refers to a general-purpose security infrastructure that implements and provides security services using the concepts and techniques of public-key cryptography. Any security infrastructure based on public-key technology is a PKI. The core of public-key technology is the asymmetric algorithm; the common ones are RSA and ECC. Keys in the ECC algorithm have the property that they can be combined, and on the basis of PKI this property has been used to derive the Combined Public Key system: the CPK system.
The CPK system implements authentication, digital signature and key exchange based on an identifier (such as a user ID), solving many technical problems that were previously insurmountable. The CPK algorithm generates a nearly unlimited number of keys from a very small number of factors and establishes the correspondence between identifier and key through a "mapping algorithm", so that a huge database is reduced to a small key generation matrix. CPK is a public-key cryptosystem: its algorithms (the key combination algorithm and the mapping algorithm) and the public key matrix are open to the public, while private keys and the private key matrix are kept secret. The private key is kept by the user, and the private key matrix is controlled by the key management center (KMC). A user's private key is generated by the KMC from the identifier mapping algorithm and the private key matrix.
The CPK system has advantages in scale, economy, feasibility and operational efficiency: CPK does not need the support of an online database, and the verifying end can be implemented in a chip; in PKI, verification and signature checking can only be completed by relying on a third party, whereas CPK can complete them on its own; CPK only needs the other party's identifier, just a few tens of bytes, to compute the other party's public key, which greatly reduces the cost of transmitting certificates.
Although the CPK trusted authentication system has great advantages, the CPK system itself cannot resist a collusion attack by a large number of users. For an m*m CPK combination matrix, an attacker who collects m*(m-1) user private keys can solve for the entire private key factor matrix and thereby break the whole system.
The core of CPK is the private key factor matrix, which is vulnerable to various attacks from both outside and inside.
In addition, a CPK key is directly tied to the identifier (ID): once a key is lost and has to be updated, the user's ID must change with it, which is unsuitable for many applications. For example, a person's identity ID should not change when a key or certificate is renewed.
Therefore, how to solve the problems of private key protection and replacement has become an important and urgent problem in the CPK authentication system.
Summary of the invention
The objective of the invention is to propose a method for multiple combination keys that strengthens the security of the CPK authentication system and effectively resists user collusion attacks, while also helping the management of the key management center (KMC) and key updating.
The technical solution of the invention is as follows:
1. Define the generation rule for user IDs: divide the ID evenly into groups, such that the number of values of each group's sub-ID does not exceed the rank m*(m-1) of the key combination matrix.
2. Generate a public key matrix and a private key matrix for each group and arrange them into sequences. The public key matrix sequence is published; the private key matrix sequence is stored by the KMC at separate sites, according to the requirements of "key splitting".
3. Generation of the user private key: when the certificate center produces an ID for a user according to the above rule, it uses the private key matrix sequence to generate the user's private key. It first combines the sub-private key of each ID group using the method of the CPK system, then further combines all the resulting sub-private keys to obtain the user private key.
4. Derivation of the user public key: when the relying party (verifier) receives a user ID, it can derive the user's public key from the previously published public key matrix sequence; the steps are exactly the same as for generating the private key.
5. Independently generate multiple copies of each group's public and private key matrices and replace them periodically. Append several digits of "version number" after the user ID, and use the ordering rule of the version number to find the corresponding public and private key matrices with which to generate the private key and derive the public key.
The advantages of the invention are:
1. Because the number of values of each group's sub-ID does not exceed the rank of its key matrix, an attacker cannot obtain enough private keys to solve for the private key matrix, which fundamentally prevents collusion attacks;
2. The user private key is determined by multiple private key matrices, i.e. by the private key matrix sequence. Storing each private key matrix of the sequence at a separate site naturally achieves key splitting, which helps the KMC resist external attacks and insider wrongdoing;
3. By setting a version number on the ID certificate, the user ID need not change when the key is updated, which facilitates loss reporting, revocation and updating of ID certificates.
Embodiment
1. Select a 12-digit decimal number as the user's ID. It can be divided into 4 groups of 3 digits each, with the condition that the 3 digits of a group may not all be identical, which leaves 990 possible values per group. The value space of the whole ID is 990^4, approximately 1,000,000,000,000.
2. Correspondingly, each group uses 32*32 public and private key matrices, whose rank is 32*31=992, which is greater than 990 and therefore satisfies the condition under which the matrix cannot be cracked. The values at the same position of the public and private key matrices correspond to a discrete-logarithm pair, i.e. a public/private key pair, on the given elliptic curve (ECC). The key matrices generated for the groups are unrelated to one another; there are 4 groups in total, numbered I, II, III and IV. The public key matrix sequence is published, while the private key matrix sequence can be split according to a "4 choose 3" key splitting scheme, i.e. matrices I and II, II and III, III and IV, IV and I are combined in pairs and stored off-site at 4 secure locations.
3. Generation of the private key: compute the SHA-1 hash of one sub-ID group to obtain a 160-bit hash value and split it into groups of 5 bits, giving 32 groups of 5-bit numbers. The group number can therefore be expressed as a number 0-31, and the value in each group can also be expressed as a decimal value 0-31 (binary 00000-11111). The group number represents the matrix row number and the value represents the column number; mapping these onto the private key matrix selects 32 sub-private keys, which are combined by the key combination calculation to obtain the group sub-private key of the sub-ID. The above operation is performed on each of the 4 ID groups to obtain the group keys, according to the following formulas:
The private key sum of matrix I: $r_{I} = (r_1 + r_2 + \dots + r_{32}) \bmod n$,
The private key sum of matrix II: $r_{II} = (r_1 + r_2 + \dots + r_{32}) \bmod n$,
The private key sum of matrix III: $r_{III} = (r_1 + r_2 + \dots + r_{32}) \bmod n$,
The private key sum of matrix IV: $r_{IV} = (r_1 + r_2 + \dots + r_{32}) \bmod n$,
Then the 4 group keys are combined a second time:
Final key: $r = (r_{I} + r_{II} + r_{III} + r_{IV}) \bmod n$.
4. Derivation of the user public key: the process is exactly the same as the private key generation process; the only difference is the mapping matrix used. The private key matrix is used to generate the private key, and the public key matrix is used to derive the public key.
5. First create copies of each group's public and private key matrices, the number of copies being determined by how often ID certificates are updated; then set a version number for the ID certificate, for example 6 digits, of which the first four represent the date of issue and the last two the update version; finally define a rule by which different copies of the public and private key matrices are selected, according to the version number, to generate the private key or derive the public key.
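The following Python sketch is an added example, not code from the patent, that carries steps 1 to 4 of the embodiment through: four 3-digit sub-IDs, SHA-1 mapped to 32 row/column selections per 32*32 matrix, two-level summation of the private key, and the matching point-sum derivation of the public key. Assumptions: secp256k1 is used as the curve (the text names none), the matrices are random constructed values, all function names are hypothetical, and the version-number copies of step 5 are left out.

```python
import hashlib, secrets
from functools import reduce

# Assumption: secp256k1 stands in for "the given elliptic curve" (the page names none).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P)
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P)
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add; not constant time, demonstration only
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

# KMC secret: four independent 32x32 private key matrices I..IV (constructed at random).
PRIV = [[[secrets.randbelow(N - 1) + 1 for _ in range(32)] for _ in range(32)]
        for _ in range(4)]

def pub_cell(g, row, col):  # cell of the published matrix; computed on demand here
    return mul(PRIV[g][row][col], G)

def cells(user_id):  # (matrix, row, column) for the 4 x 32 cells an ID selects
    subs = [user_id[i:i + 3] for i in range(0, 12, 3)]
    if len(user_id) != 12 or not user_id.isdigit() or any(len(set(s)) == 1 for s in subs):
        raise ValueError("need 12 decimal digits and no sub-ID with all digits equal")
    for g, sub in enumerate(subs):
        h = int.from_bytes(hashlib.sha1(sub.encode()).digest(), "big")
        for row in range(32):  # 160 bits = 32 five-bit column indexes
            yield g, row, (h >> (155 - 5 * row)) & 31

def private_key(user_id):  # r = (r_I + r_II + r_III + r_IV) mod n
    return sum(PRIV[g][i][j] for g, i, j in cells(user_id)) % N

def public_key(user_id):  # same mapping, with point addition over the public cells
    return reduce(add, (pub_cell(*c) for c in cells(user_id)), None)
```

A verifier that holds only the published cells reaches the same point as `mul(private_key(uid), G)`, because the scalar sum and the point sum run over the same 128 cells.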