CN104821884A - Private key protection method based on asymmetric secret key system - Google Patents
Private key protection method based on asymmetric secret key system
- Publication number
- CN104821884A (application CN201510246652.8A; granted as CN104821884B)
- Authority
- CN
- China
- Prior art keywords
- private key
- proxy server
- public key
- server end
- user side
- Prior art date
- 2015-05-14
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a private key protection method based on an asymmetric key system. The method employs distributed computation when building the key pair and/or when signing (encrypting with the private key). The public key is split into different public key fragments, of which one is used for secondary encryption and the other for decryption and verification. During the distributed computation, the proxy server CPU and the client CPU complete encryption computation at different levels. Only the public key is computed in a distributed way; the private key is not, and remains unchanged, so that the private key and the public key held on the proxy server stay in an asymmetric (mutually inverse) relation. The invention adds the concept and logic of a shadow public key: a private-key encryption or signature ciphertext passes public key verification only if the shadow public key participates in the distributed computation. This keeps the encryption computation from running in the same CPU and memory environment as an intruding hacker Trojan, and avoids signature theft caused by leakage of the private key.
Description
Technical field
The present invention relates to a private key protection method based on an asymmetric key system, for the private-key encryption used by electronic signatures such as mobile banking and mobile phone APP digital certificates, in the field of identity authentication.
Background art
At present there is no comparable technology among pure software solutions.
The conventional method is single-CPU computation: the client performs the private-key encryption computation on its own, then submits the result to the authentication side, which decrypts and verifies it with the public key.
The prior art closest to this technical scheme is the hardware USB key (U shield). Analyzed from a security perspective, a hardware USB key performs the encryption computation in an independent CPU and memory space, the purpose being to prevent a hacker Trojan from tracing the memory of the process to steal the private key or forge a signature.
Summary of the invention
In order to prevent a hacker Trojan from tracing the memory of the process to steal the private key or forge a signature, the invention provides a private key protection method based on an asymmetric key system.
The technical scheme of the invention is:
In the private key protection method based on an asymmetric key system, distributed computation is adopted when creating the key pair and/or when signing (encrypting with the private key).
The public key is split into different public key fragments; when carrying out said distributed computation, the proxy server CPU and the client CPU each complete encryption computation at a different level.
In the distributed computation only the public key is computed in a distributed way; the private key is not, and remains unchanged, so that the client's private key and the proxy server's public key form an asymmetric relation.
Adopting distributed computation when creating the key pair specifically comprises the following steps:
S1. The proxy server randomly generates two primes $P_{a1}$ and $P_{a2}$, and multiplies $P_{a1}$ and $P_{a2}$ to obtain the public key $P_a$;
S2. The client sets $E = P_a$, randomly generates two primes $P$ and $Q$, and computes the modulus $N = PQ$;
S3. The client computes $R = (P-1)(Q-1)$;
S4. $P$ and $Q$ are destroyed;
S5. The client compares $E$ with $R$: if $E > R$, $E$ is reduced modulo $R$ until $E < R$; it then checks whether $E$ is less than RSA_F4 (65537), and if so returns to step S1, otherwise proceeds to the next step;
S6. The client computes $d_a$, the modular inverse of $E$ with respect to $R$;
S7. $R$ and $E$ are destroyed;
S8. The client generates a random number $R$, $R \in [1, N-1]$ (a fresh value, unrelated to the $R$ destroyed in S7);
S9. The client computes $C = M^{d_a} \bmod N$, the random number from S8 serving as the test plaintext $M$;
S10. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
S11. The proxy server compares $C' == C$; if they are equal, return to step S1, otherwise proceed to the next step;
S12. The proxy server computes $R' = C'^{P_{a2}} \bmod N$;
S13. The proxy server compares $R' == R$; if they differ, return to step S1, otherwise the computation is complete.
The private key is generated on the client; after the private-key encryption computation, the formula parameters used by that computation are destroyed, so that the private key does not leave the client.
Said signing method comprises public key splitting and signature verification: the public key is split so that one public key fragment is separated out and pushed, encrypted, to the trusted verification end as the shadow public key; the proxy server CPU and the CPU of the trusted verification end then carry out the distributed computation on the public key.
Adopting distributed computation when signing specifically comprises the following steps:
K1. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
K2. The trusted verification end computes $H' = C'^{P_{a2}} \bmod N$;
K3. The trusted verification end removes the padding to obtain $H = \mathrm{unPad}(H')$;
K4. The trusted verification end compares $H == \mathrm{hash}(M')$; if they are equal, verification passes, otherwise verification fails.
The invention adds the concept and logic of the shadow public key: only when the shadow public key participates in the distributed computation does the private-key encryption or signature ciphertext pass public key verification. This prevents the encryption computation from working in the same CPU and memory environment as intruders such as hacker Trojans, and avoids the problem of stolen signatures caused by leakage of the private key.
Storage of the client private key still uses discrete storage with redundant computation, rather than simply saving the private key as a file. This greatly increases the difficulty of stealing the private key. In addition, the newly claimed method ensures that even if the private key were stolen, a signature could not be forged or misappropriated. Implementing the invention requires no change to the original asymmetric key system or to the original public key certificate architecture.
Description of the drawings
Fig. 1 is a schematic diagram of the public key splitting relation;
Fig. 2 is a schematic diagram of public key splitting during key pair generation;
Fig. 3 is a schematic diagram of public key splitting during signature verification.
In the figures:
A: the user of the shared key system, i.e. the client;
B: the service provider offering joint verification, i.e. the proxy server;
C: the trusted verification end, for example a bank. The meaning of "C" here differs from that of "C" and "C'" in the formula computation, where C is the ciphertext.
Embodiment
The technical scheme of the invention is described in detail below with reference to the drawings. It should be noted that the technical scheme is not limited to the embodiments described; improvements and designs that those skilled in the art make on the basis of the invention, with reference to the technical scheme, fall within its scope of protection.
As shown in Fig. 1, the private key protection method based on an asymmetric key system of the invention is as follows:
Theoretical derivation. Here $M$ is the plaintext, $N$ the public modulus, $P_a$ the public key of user A, $d_a$ the private key of user A, $P_{a1}$ and $P_{a2}$ the public key fragments of user A, $C$ the ciphertext generated with the private key $d_a$, and $C'$ the re-encryption of the ciphertext $C$ by the proxy server B.
The asymmetric relation can be expressed as:
$$M^{d_a \cdot P_a} \equiv M \pmod{N}$$
Because $P_a = P_{a1} \cdot P_{a2}$:
$$M^{d_a \cdot P_{a1} \cdot P_{a2}} \equiv M \pmod{N}$$
$$M^{(d_a \cdot P_{a1}) \cdot P_{a2}} \equiv M \pmod{N}$$
That is, $P_{a2}$ and $(d_a \cdot P_{a1})$ form an asymmetric relation with respect to $N$.
Formula computation
Private-key encryption of the plaintext $M$ with $d_a$:
$$C = M^{d_a} \bmod N$$
Public-key encryption of the ciphertext $C$ with $P_{a1}$:
$$C' = C^{P_{a1}} \bmod N$$
That is:
$$C' = (M^{d_a} \bmod N)^{P_{a1}} \bmod N = M^{d_a \cdot P_{a1}} \bmod N$$
Public-key decryption of the ciphertext $C'$ with $P_{a2}$:
$$C'^{P_{a2}} \bmod N = (C^{P_{a1}} \bmod N)^{P_{a2}} \bmod N = C^{P_{a1} \cdot P_{a2}} \bmod N = C^{P_a} \bmod N = M$$
$M'$: the message to be verified.
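A worked instance of this derivation with textbook-size numbers, added here as an example and not taken from the patent. The values are far too small for real use and ignore the $E \geq 65537$ bound of step S5; they only make the identities above checkable by hand:
$$P = 11,\quad Q = 13,\quad N = PQ = 143,\quad R = (P-1)(Q-1) = 120$$
$$P_{a1} = 7,\quad P_{a2} = 11,\quad P_a = P_{a1} P_{a2} = 77,\quad \gcd(77, 120) = 1$$
$$d_a = 77^{-1} \bmod 120 = 53 \qquad (77 \cdot 53 = 4081 = 34 \cdot 120 + 1)$$
$$C = M^{d_a} \bmod N = 5^{53} \bmod 143 = 70$$
$$C' = C^{P_{a1}} \bmod N = 70^{7} \bmod 143 = 60$$
$$C'^{P_{a2}} \bmod N = 60^{11} \bmod 143 = 5 = M$$
A verification end holding only the shadow fragment $P_{a2}$ recovers nothing from a ciphertext that skipped the proxy step: $C^{P_{a2}} \bmod N = 70^{11} \bmod 143 = 125 \neq M$, and only the further exponentiation by $P_{a1}$, held by the proxy, turns it into $125^{7} \bmod 143 = 5$.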
As shown in Fig. 2, adopting distributed computation when creating the key pair specifically comprises the following steps:
S1. The proxy server randomly generates two primes $P_{a1}$ and $P_{a2}$, and multiplies them to obtain the public key $P_a$;
S2. The client sets $E = P_a$, randomly generates two primes $P$ and $Q$, and computes the modulus $N = PQ$;
S3. The client computes $R = (P-1)(Q-1)$;
S4. $P$ and $Q$ are destroyed;
S5. The client compares $E$ with $R$: if $E > R$, $E$ is reduced modulo $R$ until $E < R$; it then checks whether $E$ is less than RSA_F4 (65537), and if so returns to step S1, otherwise proceeds to the next step;
S6. The client computes $d_a$, the modular inverse of $E$ with respect to $R$;
S7. $R$ and $E$ are destroyed;
S8. The client generates a random number $R$, $R \in [1, N-1]$ (a fresh value, unrelated to the $R$ destroyed in S7);
S9. The client computes $C = M^{d_a} \bmod N$, the random number from S8 serving as the test plaintext $M$;
S10. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
S11. The proxy server compares $C' == C$; if they are equal, return to step S1, otherwise proceed to the next step;
S12. The proxy server computes $R' = C'^{P_{a2}} \bmod N$;
S13. The proxy server compares $R' == R$; if they differ, return to step S1, otherwise the computation is complete.
As shown in Fig. 3, adopting distributed computation when signing specifically comprises the following steps:
K1. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
K2. The trusted verification end computes $H' = C'^{P_{a2}} \bmod N$;
K3. The trusted verification end removes the padding to obtain $H = \mathrm{unPad}(H')$;
K4. The trusted verification end compares $H == \mathrm{hash}(M')$; if they are equal, verification passes, otherwise verification fails.
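The key-generation steps S1 to S13 and the verification steps K1 to K4 above, carried end to end in Python as an added example; this is not code from the patent or its applicant. The page does not fix a hash function, a Pad/unPad scheme, prime sizes, or a coprimality test before the modular inversion in S6, so the example assumes SHA-256, a one-byte 0x01 prefix as padding, 128-bit fragments with a 512-bit modulus, and a gcd(E, R) = 1 check; all of those are assumptions. It also shows what the trusted verification end sees when the proxy step K1 is skipped or the message is altered in transit.

```python
"""Added example, not the patent's code: steps S1-S13 (distributed key
generation) and K1-K4 (split verification) of CN104821884A.  Assumed
because the page does not fix them: SHA-256, a 0x01 prefix as Pad/unPad,
128-bit fragments, a 512-bit modulus, gcd(E, R) == 1.  Python 3.8+."""
import hashlib
import secrets
from math import gcd

RSA_F4 = 65537          # lower bound on E named in step S5
PAD_PREFIX = b"\x01"    # assumed padding, demonstration only

def is_probable_prime(n, rounds=20):
    """Miller-Rabin probable-prime test, with trial division first."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):  # random odd prime of exactly `bits` bits
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def client_keygen(p_a, bits):
    """S2-S7 on the client. Returns (N, d_a), or None when S5 says 'repeat S1'."""
    p, q = random_prime(bits), random_prime(bits)     # S2: E = P_a, primes P, Q
    n, r = p * q, (p - 1) * (q - 1)                   # S2, S3
    del p, q                                          # S4: drops references only; Python cannot wipe RAM
    e = p_a % r if p_a > r else p_a                   # S5: reduce E until E < R
    if e < RSA_F4 or gcd(e, r) != 1:                  # S5 bound; gcd check is an assumption
        return None
    d_a = pow(e, -1, r)                               # S6: d_a = E^-1 mod R
    del r, e                                          # S7
    return n, d_a

def distributed_keygen(bits=512, frag_bits=128):
    """S1-S13: proxy makes the fragments, client makes (N, d_a), proxy checks."""
    while True:
        p_a1, p_a2 = random_prime(frag_bits), random_prime(frag_bits)   # S1
        res = client_keygen(p_a1 * p_a2, bits // 2)
        if res is None:
            continue
        n, d_a = res
        r = secrets.randbelow(n - 1) + 1      # S8: random R in [1, N-1]
        c = pow(r, d_a, n)                    # S9 (client): C = R^d_a mod N
        c1 = pow(c, p_a1, n)                  # S10 (proxy): C' = C^P_a1 mod N
        if c1 == c:                           # S11: degenerate, start over
            continue
        if pow(c1, p_a2, n) != r:             # S12, S13: C'^P_a2 must give R back
            continue
        return {"n": n, "d_a": d_a, "p_a1": p_a1, "p_a2": p_a2}

def pad_digest(msg):
    """Pad(hash(M)) as an integer: 33 bytes, so it is below a 64-byte N."""
    return int.from_bytes(PAD_PREFIX + hashlib.sha256(msg).digest(), "big")

def unpad(h_int):
    """K3: inverse of pad_digest; None when the recovered value has the wrong shape."""
    try:
        raw = h_int.to_bytes(len(PAD_PREFIX) + hashlib.sha256().digest_size, "big")
    except OverflowError:
        return None
    return raw[len(PAD_PREFIX):] if raw.startswith(PAD_PREFIX) else None

def client_sign(msg, n, d_a):   # C = Pad(hash(M))^d_a mod N, on the client
    return pow(pad_digest(msg), d_a, n)

def proxy_step(c, n, p_a1):     # K1: C' = C^P_a1 mod N, on the proxy server
    return pow(c, p_a1, n)

def verifier_check(c1, msg_prime, n, p_a2):
    """K2-K4 at the trusted verification end, which holds only the shadow P_a2."""
    h = unpad(pow(c1, p_a2, n))                                        # K2, K3
    return h is not None and h == hashlib.sha256(msg_prime).digest()   # K4

def demo(key, msg=b"transfer 100 to account 42"):   # constructed sample message
    """(honest path, proxy step skipped, message altered in transit)."""
    n, c = key["n"], client_sign(msg, key["n"], key["d_a"])
    c1 = proxy_step(c, n, key["p_a1"])
    return (verifier_check(c1, msg, n, key["p_a2"]),
            verifier_check(c, msg, n, key["p_a2"]),
            verifier_check(c1, msg + b"!", n, key["p_a2"]))
```

`distributed_keygen()` returns $d_a$, $P_{a1}$ and $P_{a2}$ together only so that `demo` can play all three parties in one process; in the deployment the page describes, $d_a$ stays on the client, $P_{a1}$ on the proxy server and $P_{a2}$ at the trusted verification end, and `demo(distributed_keygen())` returns `(True, False, False)`: the routed signature verifies, the one that bypassed the proxy does not, and neither does a modified message.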
Claims (8)
1. A private key protection method based on an asymmetric key system, characterized in that the method comprises:
adopting distributed computation when creating the key pair and/or when signing (encrypting with the private key).
2. The method according to claim 1, characterized in that, when creating the key pair, the public key of the server end is split at the proxy server into different public key fragments, and when carrying out said distributed computation the proxy server CPU and the client CPU each complete encryption computation at a different level.
3. The method according to claim 2, characterized in that, in the distributed computation, the proxy server CPU and the client CPU carry out distributed computation on the public key and not on the private key; the private key is unchanged, so that the client's private key and the proxy server's public key form an asymmetric relation.
4. The method according to claim 1, 2 or 3, characterized in that adopting distributed computation when creating the key pair specifically comprises the following steps:
S1. The proxy server randomly generates two primes $P_{a1}$ and $P_{a2}$, and multiplies $P_{a1}$ and $P_{a2}$ to obtain the public key $P_a$;
S2. The client sets $E = P_a$, randomly generates two primes $P$ and $Q$, and computes the modulus $N = PQ$;
S3. The client computes $R = (P-1)(Q-1)$;
S4. $P$ and $Q$ are destroyed;
S5. The client compares $E$ with $R$: if $E > R$, $E$ is reduced modulo $R$ until $E < R$; it then checks whether $E$ is less than RSA_F4 (65537), and if so returns to step S1, otherwise proceeds to the next step;
S6. The client computes $d_a$, the modular inverse of $E$ with respect to $R$;
S7. $R$ and $E$ are destroyed;
S8. The client generates a random number $R$, $R \in [1, N-1]$ (a fresh value, unrelated to the $R$ destroyed in S7);
S9. The client computes $C = M^{d_a} \bmod N$, the random number from S8 serving as the test plaintext $M$;
S10. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
S11. The proxy server compares $C' == C$; if they are equal, return to step S1, otherwise proceed to the next step;
S12. The proxy server computes $R' = C'^{P_{a2}} \bmod N$;
S13. The proxy server compares $R' == R$; if they differ, return to step S1, otherwise the computation is complete.
5. The method according to claim 1 or 2, characterized in that the private key is generated on the client, and after the private-key encryption computation the formula parameters used by that computation are destroyed, so that the private key does not leave the client.
6. The method according to claim 1 or 2, characterized in that distributed computation during signing comprises public key splitting and signature verification: the public key is split so that one public key fragment is separated out and pushed, encrypted, to the trusted verification end as the shadow public key, and the proxy server CPU and the CPU of the trusted verification end carry out the distributed computation on the public key.
7. The method according to claim 1, 5 or 6, characterized in that said signing method specifically comprises the following steps:
K1. The proxy server computes $C' = C^{P_{a1}} \bmod N$;
K2. The trusted verification end computes $H' = C'^{P_{a2}} \bmod N$;
K3. The trusted verification end removes the padding to obtain $H = \mathrm{unPad}(H')$;
K4. The trusted verification end compares $H == \mathrm{hash}(M')$; if they are equal, verification passes, otherwise verification fails.
8. The method according to claim 7, characterized in that $C' = C^{P_{a1}} \bmod N$, computed in step K1 on the proxy server, enters the trusted verification end through a secure channel.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510246652.8A CN104821884B (en) | 2015-05-14 | 2015-05-14 | Private key protection method based on unsymmetrical key system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104821884A true CN104821884A (en) | 2015-08-05 |
CN104821884B CN104821884B (en) | 2019-01-22 |
Family
ID=53732060
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510246652.8A Active CN104821884B (en) | 2015-05-14 | 2015-05-14 | Private key protection method based on unsymmetrical key system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104821884B (en) |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060104441A1 (en) * | 2004-11-17 | 2006-05-18 | Microsoft Corporation | Password protection |
CN1801696A (en) * | 2006-01-13 | 2006-07-12 | 南京邮电大学 | Key managing project for virtual organization under gridding computer environment |
US20120159178A1 (en) * | 2010-12-15 | 2012-06-21 | Microsoft Corporation | Providing security services on the cloud |
CN102170356A (en) * | 2011-05-10 | 2011-08-31 | 北京联合智华微电子科技有限公司 | Authentication system realizing method supporting exclusive control of digital signature key |
Non-Patent Citations (1)
Title |
---|
杨帆等: "一个P2P分布式数字签名系统", 《计算机应用》 (Yang Fan et al.: "A P2P distributed digital signature system", Journal of Computer Applications) * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106603236A (en) * | 2015-10-15 | 2017-04-26 | 收付宝科技有限公司 | Method and device for generating signature |
CN106851635A (en) * | 2016-12-15 | 2017-06-13 | 北京三未信安科技发展有限公司 | Identity-based distributed signature method and system |
CN106851635B (en) * | 2016-12-15 | 2019-10-29 | 北京三未信安科技发展有限公司 | Identity-based distributed signature method and system |
CN107302438A (en) * | 2017-08-07 | 2017-10-27 | 收付宝科技有限公司 | Private key protection method, system and device based on key updating |
CN107302438B (en) * | 2017-08-07 | 2020-10-30 | 吕文华 | Private key protection method, system and device based on key updating |
CN109218012A (en) * | 2018-09-11 | 2019-01-15 | 重庆邮电大学 | Distributed smart meter electricity sales method and system with concentrator |
WO2020114377A1 (en) * | 2018-12-03 | 2020-06-11 | Foris Limited | Secure distributed key management system |
Also Published As
Publication number | Publication date |
---|---|
CN104821884B (en) | 2019-01-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| EXSB | Decision made by SIPO to initiate substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |
| PP01 | Preservation of patent right | Effective date of registration: 20230516; Granted publication date: 20190122 |