Summary of the invention
The purpose of this invention is to provide a method, based on pseudo-RSA keys, for applying and implementing newer public-key cryptographic algorithms, so that all kinds of application software can, through standard cryptographic APIs that support the RSA algorithm (such as Windows CryptoAPI and PKCS#11), automatically and transparently invoke newer public-key algorithms such as ECC and IBE, which standard cryptographic interfaces do not yet explicitly support, to perform cryptographic operations.
The key to the invention is the pseudo-RSA key (pseudo-RSA public key, pseudo-RSA private key), by means of which any use of a pseudo-RSA key is converted into the corresponding use of a key of the newer public-key algorithm (such as an ECC public or private key). A pseudo-RSA key, which may be a pseudo-RSA public key or a pseudo-RSA private key, is a key whose key data has the same data structure as an RSA key (public or private), but what is stored in that key data is not real RSA key data; it is the key data (such as an ECC public key or IBE private key) of the corresponding newer public-key algorithm (such as ECC or IBE).
To achieve these goals, the invention adopts the following technical scheme:
A method for applying and implementing newer public-key cryptographic algorithms based on pseudo-RSA keys, comprising a data encryption system made up of the following parts:
Cryptographic module: a software component, or a combined software and hardware component, that implements a standard cryptographic module interface supporting RSA function calls (such as CryptoSPI or PKCS#11). It provides the cryptographic functions of the newer public-key algorithm, including key operations such as key generation, export, import and deletion, and cryptographic operations based on the newer algorithm, such as data encryption, decryption, digital signature and signature verification.
IBE key server (Key Server): needed only when the cryptographic module provides IBE functions. It is responsible for verifying and maintaining the correspondence between users and their identity identifiers, and for generating for each user the IBE private key corresponding to that user's identity identifier.
Pseudo-RSA digital certificate issuing tool or system: generates pseudo-RSA digital certificates based on pseudo-RSA public keys.
Cryptographic application software: a software program or system that calls the cryptographic module through a standard cryptographic API and uses the newer public-key algorithm to perform data encryption, decryption, digital signature and signature verification.
The newer public-key cryptographic algorithms referred to above are public-key algorithms other than RSA and DSA that have been proposed and put into use more recently, such as ECC and IBE.
The pseudo-RSA digital certificate is a digital certificate in the standard X509 format, except that the certificate owner's RSA public key in the certificate is not a real RSA public key but a pseudo-RSA public key.
The pseudo-RSA digital certificate issuing tool or system functions much like an ordinary digital certificate issuing tool or system; the main difference is that it issues pseudo-RSA digital certificates rather than ordinary digital certificates.
The overall operating principle and process of the invention are as follows.
The cryptographic application software, in the usual way, calls the RSA functions of the cryptographic module through the standard cryptographic API: key operations such as key generation, export, import and deletion, and cryptographic operations such as data encryption, decryption, digital signature and signature verification.
For a call to the interface function that generates an RSA key pair, the cryptographic module does not generate a real RSA key pair but a key pair of the newer public-key algorithm. If the module implements the IBE algorithm, it does not generate the IBE private key for the user directly when generating the IBE key pair. Instead it interacts with the IBE key server; after user authentication and verification and confirmation that the identity identifier belongs to the user, the IBE key server generates the IBE private key corresponding to the user's identity identifier, and the module then generates the IBE key pair on that basis.
For a call to the interface function that exports an RSA key (RSA public key or RSA private key): if the key to be exported corresponds to a key of the newer public-key algorithm, the cryptographic module does not export an RSA key but the pseudo-RSA key (pseudo-RSA public key or pseudo-RSA private key) corresponding to that key; otherwise it exports the RSA key in the usual way.
For a call to the interface function that imports an RSA key (RSA public key or RSA private key): the cryptographic module first checks whether the RSA key to be imported is a pseudo-RSA key. If it is, the module extracts the key of the corresponding newer public-key algorithm from the pseudo-RSA key and imports that key into the module; otherwise the module imports the RSA key in the usual way.
For a call to an interface function that uses an RSA key (public or private) for a cryptographic operation (such as data encryption, decryption, digital signature or signature verification), the cryptographic module first determines whether the key to be used is a real RSA key or corresponds to a key of the newer public-key algorithm (such as an ECC or IBE key). If it is a real RSA key, the module performs the operation with that key using the RSA algorithm; otherwise it performs the operation using the corresponding newer public-key algorithm and the corresponding key of that algorithm.
Today's cryptographic application software usually does not use RSA keys (public or private) directly but through RSA digital certificates. In the invention, for application software to use keys of the newer public-key algorithm (such as ECC public and private keys) transparently, RSA digital certificates are likewise needed. Specifically, for each key pair of the newer algorithm, the pseudo-RSA digital certificate issuing tool or system issues an X509-format digital certificate in which the public key of the certificate holder (the certificate subject) is the pseudo-RSA public key corresponding to that key pair; that is, it generates a pseudo-RSA digital certificate corresponding to the key pair of the newer algorithm. When using this pseudo-RSA digital certificate, the cryptographic application software calls, in the usual way, the RSA-based cryptographic functions provided by the cryptographic module (such as encryption, decryption, signature and signature verification), while the module actually uses the key of the newer public-key algorithm that corresponds to the pseudo-RSA certificate and completes the operation with the newer algorithm.
The novelty of the invention is that, by means of pseudo-RSA keys, a cryptographic module providing the functions of a newer public-key algorithm (such as ECC or IBE) can expose those functions through a standard cryptographic module interface that supports RSA, such as Windows CryptoSPI or PKCS#11. At the same time, application software can use the newer algorithm for data encryption and decryption, digital signature and signature verification through the corresponding standard cryptographic API that supports RSA, such as Windows CryptoAPI or PKCS#11. This use of the newer algorithm is transparent to the application software: it needs no modification and is not aware that a newer public-key algorithm is in use.
The method of the invention solves the technical problem that current standard cryptographic interfaces, operating systems and application software do not support newer public-key algorithms such as ECC and IBE well; that is, it solves the technical problems faced in the practical use and implementation of these algorithms.
Embodiment
The specific implementation of the invention is further described below with reference to the accompanying drawing.
As shown in Figure 1, a data encryption system based on the invention consists of the following parts:
Cryptographic module: a software component, or a combined software and hardware component, that implements a standard cryptographic module interface supporting RSA function calls (such as CryptoSPI or PKCS#11). It provides the cryptographic functions of the newer public-key algorithm; these include key operations such as generation, export, import and deletion, and cryptographic operations based on the newer algorithm, such as data encryption, decryption, digital signature and signature verification.
IBE key server (Key Server): needed only when the cryptographic module provides IBE functions. It is responsible for verifying and maintaining the correspondence between users and their identity identifiers, and for generating for each user the IBE private key corresponding to that user's identity identifier.
Pseudo-RSA digital certificate issuing tool or system: generates pseudo-RSA digital certificates based on pseudo-RSA public keys.
Cryptographic application software: a software program or system that calls the cryptographic module through a standard cryptographic API and uses the newer public-key algorithm to perform data encryption, decryption, digital signature and signature verification.
The cryptographic module must implement a standard cryptographic module interface that supports RSA function calls (such as Windows CryptoSPI or PKCS#11). This is not difficult; it only requires following the corresponding cryptographic module interface specification.
The IBE key server is a service system based on the client/server (C/S) model, and its client is the cryptographic module. The IBE key server can be built with common information system development technology, such as C/C++, C#.NET or J2EE development languages and environments, together with related database development technology. Its IBE key generation can be implemented with reference to the relevant specifications, such as RFC5091. IBE key generation can be implemented in software or in hardware. The exchange of information between the IBE key server and the cryptographic module can use existing secure channel technology, such as SSL.
The pseudo-RSA digital certificate issuing tool or system can be developed on the cryptographic functions provided by the OpenSSL library or Windows CryptoAPI, or implemented by modifying an existing digital certificate issuing system.
Application software needs no modification: it uses the RSA algorithm for data encryption, decryption, digital signature, signature verification and other cryptographic operations in the same way it ordinarily uses RSA keys or RSA digital certificates.
The specific implementation of the relevant functions of the invention is described below.
For a call to the interface function that generates an RSA key pair, the cryptographic module's processing differs depending on whether the newer public-key algorithm it implements is the IBE algorithm:
Case 1. If the newer public-key algorithm implemented by the cryptographic module is not the IBE algorithm, the module proceeds as follows:
It generates a key pair of the newer public-key algorithm (such as the ECC algorithm), creates the corresponding key-pair object in memory or on a storage medium, and then returns a handle, pointer or reference to the key-pair object.
Case 2. If the newer public-key algorithm implemented by the cryptographic module is the IBE algorithm, the module and the IBE key server proceed according to the following workflow:
Step A1. The cryptographic module, through a dedicated user interface, prompts the user to enter their identity identifier;
Step A2. After the user enters and submits the identity identifier, the cryptographic module connects to the IBE key server;
Step A3. The IBE key server requires the user to be authenticated;
Step A4. The cryptographic module, through the user interface, prompts the user to submit or select their identity credential (such as user name/password or a digital certificate);
Step A5. The cryptographic module uses the identity credential the user submitted or selected, and its associated secret data (such as the password or the certificate private key), to interact with the IBE key server and complete user authentication;
Step A6. After user authentication succeeds, the IBE key server further confirms that the user is the real owner of the identity identifier;
Step A7. After the user passes the identity identifier ownership verification, the IBE key server generates the IBE private key corresponding to the user's identity identifier and then returns the IBE private key to the cryptographic module;
Step A8. Based on the IBE private key returned by the IBE key server, the cryptographic module generates the corresponding IBE public key, then creates the corresponding IBE key-pair object in memory or on a storage medium, and finally returns a handle, pointer or reference to the IBE key-pair object.
In step A5 above, the IBE key server may authenticate the user, depending on the specific security requirements, using authentication based on user name/password, dynamic password, identity digital certificate and so on. If the user's identity credential is an identity digital certificate, the cryptographic module cannot necessarily obtain directly the private key of that certificate, which is held in another cryptographic module or storage medium (such as a smart card or USB Key), but it can use the certificate's private key through the corresponding cryptographic interface to perform the cryptographic operations needed for authentication, such as digitally signing the random challenge sent by the IBE key server.
In step A6 above, the IBE key server can confirm that the user is the real owner of the identity identifier in many ways. For example, the identity identifier may be contained in the identity credential (it may be the user's account name on the IBE server, the user's common name in the digital certificate, or the e-mail address in the certificate). Alternatively, the user may have entered the identity identifier when registering with the IBE key server, with the user's ownership of it verified and confirmed through another reliable channel; for example, if the identity identifier is a mobile phone number or e-mail address, a confirmation code can be sent to that mobile phone or e-mail address.
For a call to the interface function that exports an RSA key (public or private), the cryptographic module proceeds as follows:
It determines whether the key to be exported is a real RSA key or corresponds to a key of the newer public-key algorithm (such as an ECC or IBE key). If it is a real RSA key, the module completes the operation as an ordinary RSA key export. Otherwise, it creates an RSA key (public or private) data structure, places in it the key of the newer algorithm that corresponds to the RSA key to be exported (such as the corresponding IBE public or private key), then places the pre-agreed marker value in designated unused bits of the structure, and returns the structure as the exported key data.
In the latter case, that is, when the exported key corresponds to a key of the newer algorithm, the returned key has the same key data structure as an ordinary RSA key, but what it contains is not a real RSA key; it is the key of the corresponding newer algorithm. The returned key is therefore a pseudo-RSA key. The marker value in the designated bits of the pseudo-RSA key's data structure is either a special bit string or is produced from the key of the corresponding newer algorithm by a specific operation (such as a hash operation).
Embedding a key of the newer algorithm (such as an ECC public or private key) in an RSA key (public or private) data structure, and adding the pre-agreed marker value in designated unused bits of that structure, is not difficult. The key data structure of a key (public and private) of a newer algorithm such as ECC or IBE at a given key strength (such as 224, 192) occupies far fewer bits than the key data structure of an RSA key (public and private) of comparable key strength (such as 2048, 1024). The key data of the newer algorithm can therefore easily be placed in the key data structure of an RSA key of comparable strength, with the pre-agreed marker value added in the spare, unused designated bits. If the key data structure of an RSA key of a given strength is not large enough to hold the corresponding non-RSA key data, an RSA key of higher strength can be used.
For a call to the interface function that imports an RSA key (public or private), the cryptographic module proceeds as follows:
It checks the designated bits in the key data structure of the RSA key to be imported to see whether their value is the pre-agreed marker value, that is, whether the key to be imported is a pseudo-RSA key. If it is, the module extracts from the imported key data the key of the corresponding newer public-key algorithm (such as the corresponding ECC public or private key); otherwise it completes the import as an ordinary RSA key.
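The export and import checks described above, as an added example (not code from the patent). The byte layout of the modulus field, the 16-byte SHA-256 marker, DOMAIN_TAG, the function names and the sample key bytes are assumptions made for illustration; the text only states that a pre-agreed marker is placed in unused bits and may be derived from the key by a hash.

```python
import hashlib
import hmac
from typing import Optional

# Assumed layout of the RSA modulus field (not specified by the source):
#   byte 0         0x80, keeps the integer at the full modulus length
#   bytes 1..2     payload length, big-endian
#   bytes 3..      key bytes of the newer algorithm, then zero fill
#   last 16 bytes  marker = SHA-256(tag || header || payload)[:16]
MARKER_LEN = 16
HEADER_LEN = 3
DOMAIN_TAG = b"pseudo-rsa-demo-v1"       # hypothetical label
RSA_SIZES = (1024, 2048, 3072, 4096)     # candidate modulus sizes, in bits

# Constructed sample input: 57 bytes shaped like an uncompressed point on a
# 224-bit curve (0x04 || X || Y). It is not a valid curve point.
SAMPLE_EC_POINT = b"\x04" + bytes(range(1, 57))
# Constructed stand-in for an ordinary 1024-bit modulus (not a real one).
REAL_RSA_LIKE = (0xC5 << 1016) | (0xDEADBEEF << 500) | 1


def _marker(header: bytes, payload: bytes) -> bytes:
    return hashlib.sha256(DOMAIN_TAG + header + payload).digest()[:MARKER_LEN]


def pick_modulus_bits(payload_len: int) -> int:
    """Smallest RSA size whose modulus field can hold the payload."""
    for bits in RSA_SIZES:
        if bits // 8 - HEADER_LEN - MARKER_LEN >= payload_len:
            return bits
    raise ValueError("payload too large for any supported RSA key size")


def export_pseudo_rsa(payload: bytes, bits: Optional[int] = None) -> int:
    """Wrap newer-algorithm key bytes as an RSA-modulus-sized integer."""
    bits = bits or pick_modulus_bits(len(payload))
    if bits not in RSA_SIZES:
        raise ValueError("unsupported RSA key size")
    room = bits // 8 - HEADER_LEN - MARKER_LEN
    if len(payload) > room:
        raise ValueError("payload does not fit; use a larger RSA key size")
    header = b"\x80" + len(payload).to_bytes(2, "big")
    body = header + payload + b"\x00" * (room - len(payload))
    return int.from_bytes(body + _marker(header, payload), "big")


def import_key(modulus: int) -> Optional[bytes]:
    """Return the embedded key bytes for a pseudo-RSA modulus, or None when
    the value must be treated as an ordinary RSA key."""
    k = (modulus.bit_length() + 7) // 8
    if k * 8 not in RSA_SIZES:
        return None
    raw = modulus.to_bytes(k, "big")
    n = int.from_bytes(raw[1:HEADER_LEN], "big")
    if raw[0] != 0x80 or n > k - HEADER_LEN - MARKER_LEN:
        return None
    payload = raw[HEADER_LEN:HEADER_LEN + n]
    if any(raw[HEADER_LEN + n:k - MARKER_LEN]):      # fill must be zero
        return None
    expected = _marker(raw[:HEADER_LEN], payload)
    if not hmac.compare_digest(raw[-MARKER_LEN:], expected):
        return None
    return payload


if __name__ == "__main__":
    n = export_pseudo_rsa(SAMPLE_EC_POINT)
    print("modulus bits:", n.bit_length())
    print("pseudo-RSA key recognised:", import_key(n) == SAMPLE_EC_POINT)
    print("ordinary modulus recognised as RSA:", import_key(REAL_RSA_LIKE) is None)
```

The check fails closed: a modulus whose marker does not verify is handed to the ordinary RSA path, so a corrupted pseudo-RSA key is never parsed as key material of the newer algorithm.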
It should be noted that in IBE data encryption the identity identifier itself is usually called the public key, but the identity identifier alone is not enough to perform the encryption operation; the relevant IBE public parameters (such as the corresponding elliptic curve parameters and the IBE public parameters needed to compute the bilinear map) are also required. The IBE public key referred to in this invention therefore comprises not only the identity identifier but also the IBE public parameters needed to perform cryptographic operations.
For a call to an interface function that uses an RSA key (public or private) for a cryptographic operation (such as data encryption, decryption, digital signature or signature verification), the cryptographic module proceeds as follows:
It determines whether the key to be used is a real RSA key or corresponds to a key of the newer public-key algorithm (such as an ECC or IBE key). If it is a real RSA key, the module performs the operation with that key using the RSA algorithm; otherwise it performs the operation using the corresponding newer public-key algorithm and the corresponding key of that algorithm.
Pseudo-RSA digital certificates are issued as follows:
If the newer public-key algorithm implemented by the cryptographic module is not the IBE algorithm, the pseudo-RSA digital certificate issuing tool or system calls the export-RSA-key interface function of the cryptographic module described above, takes the exported pseudo-RSA public key as the certificate holder's public key, and issues an X509-format digital certificate for use by cryptographic application software.
If the newer public-key algorithm implemented by the cryptographic module is the IBE algorithm, the data encrypting party and the party that decrypts the encrypted data each generate the corresponding pseudo-RSA digital certificate independently, through the pseudo-RSA digital certificate issuing tool or system, for use by cryptographic application software. For this purpose the cryptographic module, besides implementing the interface functions defined by the standard cryptographic module interface, also has a special additional interface function that generates and exports the pseudo-RSA public key corresponding to an identity identifier (that is, to the IBE public key), which the data encrypting party uses to generate the pseudo-RSA digital certificate. The cryptographic module handles a call to this interface function as follows:
Step B1. Through a dedicated user interface, prompt the user to enter the identity identifier (of the recipient of the encrypted data, that is, the decrypting party);
Step B2. Generate the IBE public key corresponding to the identity identifier from the IBE public parameters and the identity identifier the user entered;
Step B3. Create an RSA public key data structure, place the IBE public key generated in step B2 in it, place the pre-agreed marker value in designated unused bits of the structure, and then return the structure as the exported public key data.
With the above additional interface function for generating and exporting the pseudo-RSA public key corresponding to an identity identifier, the pseudo-RSA digital certificate corresponding to an IBE key pair is generated as follows:
The data encrypting party uses the additional interface function of the cryptographic module described above to obtain the pseudo-RSA public key corresponding to the decrypting party's identity identifier (that is, the IBE public key) and generates a pseudo-RSA digital certificate with this pseudo-RSA public key. The decrypting party, who is the owner of the identity identifier, calls the generate-RSA-key-pair interface function of the cryptographic module through the cryptographic API to generate the IBE key pair corresponding to its own identity identifier, then calls the module's export-RSA-key interface function to export, in the manner of exporting an RSA public key, the pseudo-RSA public key corresponding to the IBE public key (that is, the pseudo-RSA public key corresponding to the identity identifier), and generates a pseudo-RSA digital certificate with this pseudo-RSA public key. The pseudo-RSA digital certificates generated independently by the encrypting party and the decrypting party may be self-signed or not self-signed, but the two independently generated certificates have the same subject name (Subject Name), issuer name (Issuer Name) and serial number (Serial Number).
In an ordinary digital certificate issuing system, the certificate request submitted by the user not only contains the user's public key but is also digitally signed with the private key corresponding to that public key, and before issuing the certificate the issuing system must verify the digital signature on the request with the public key contained in the request. In the invention, the user's RSA public key in the digital certificate is a pseudo-RSA public key, so the pseudo-RSA digital certificate issuing tool or system can handle the digital signature on the certificate request in one of the following two ways:
Mode 1. The digital signature on the certificate request is not verified with the RSA public key in the request; the value of this digital signature may be a random number or a pre-agreed specific value; or,
Mode 2. Check whether the value of the designated bits of the RSA public key data in the certificate request is the marker value, and so determine whether it is a pseudo-RSA public key. If it is, extract the public key of the corresponding newer public-key algorithm from the pseudo-RSA public key and verify the digital signature on the certificate request with the extracted public key; otherwise, verify the digital signature on the request in the usual way, directly with the RSA public key in the request.
When a newer public-key algorithm (such as ECC or IBE) is used to encrypt a block of data, the random parameters needed for decryption are stored in the encrypted data block along with it. Since an encrypted data block of a newer public-key algorithm is usually much shorter than the RSA encrypted data block of equivalent cryptographic strength, a random byte string can be appended after one or more encrypted data blocks of the newer algorithm so that the boundary of the data encrypted with the newer algorithm aligns with the boundary of the corresponding RSA encrypted data block (such as 1024).
Specific technical implementations not explained in this specification are well known and self-evident to those skilled in the relevant art.
Content not described in detail in this specification belongs to the prior art known to those skilled in the art.