CN105406961B - Cryptographic key negotiation method, terminal and server - Google Patents

Publication number: CN105406961B
Authority: CN (China)
Prior art keywords: server, terminal, public key, key, coefficient
Legal status: Expired - Fee Related
Application number: CN201510738170.4A
Other languages: Chinese (zh)
Other versions: CN105406961A (en)
Inventor: 罗宏波
Current Assignee: Gree Electric Appliances Inc of Zhuhai
Original Assignee: Gree Electric Appliances Inc of Zhuhai

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Abstract

Embodiments of the invention disclose a key negotiation method, a terminal and a server. The method includes: sending a host ID to a server; obtaining the public parameters and the server identification code sent by the server; computing a terminal private key from the public parameters and the host ID, computing a server public key from the public parameters and the server identification code, and sending the encrypted server public key to the server; obtaining the encrypted terminal public key sent by the server; computing, by means of a bilinear map, a terminal verification value from the encrypted terminal public key and the terminal pseudo-random code; and judging the correctness of the key agreement by comparing the terminal verification value with the server verification value. The key negotiation method, terminal and server provided by embodiments of the invention can generate, on the fly, the key information used during encrypted transmission.

Description

Cryptographic key negotiation method, terminal and server
Technical field
Embodiments of the present invention relate to the field of information security technology, and in particular to a key negotiation method, a terminal and a server.
Background art
As people's security awareness rises, more and more household appliances require a startup password when first powered on. To obtain the correct startup password, people often request it from a password management service. However, the startup password is critical data for a household appliance; once the communication data of a startup password request is intercepted by criminals, the consequences are hard to imagine.
To secure the startup password acquisition process, the communication during password acquisition uses encrypted ciphertext. An asymmetric encryption algorithm uses different keys for encrypting and for decrypting information, which raises the security level of information transmission. Moreover, with an asymmetric encryption algorithm the two communicating parties do not need to exchange keys in advance over a secret channel. In a traditional asymmetric encrypted transmission mechanism, however, the public key is generally specified by the user, and once specified it no longer changes. This means the user has to set aside separate space to manage the keys used during encrypted transmission, which consumes a certain amount of computing resources.
Summary of the invention
In view of the above technical problem, embodiments of the present invention propose a key negotiation method, a terminal and a server that generate the key information used during encrypted transmission on the fly.
In a first aspect, an embodiment of the present invention provides a key negotiation method applied to a terminal, the method including:
sending a host ID to a server;
obtaining the public parameters and the server identification code sent by the server, wherein the public parameters include a system feature value;
computing a terminal private key from the public parameters and the host ID, computing a server public key from the public parameters and the server identification code, and sending the encrypted server public key to the server, wherein the terminal private key is the product of a second terminal coefficient and the system feature value, the server public key is the product of a first server coefficient and the system feature value, the encrypted server public key is the product of a terminal pseudo-random code and the server public key, the second terminal coefficient and the first server coefficient are either included in the public parameters or can be calculated from one or more of the public parameters, the host ID and the server identification code, and the product of the second terminal coefficient and a first terminal coefficient is a non-zero constant;
obtaining the encrypted terminal public key sent by the server, wherein the terminal public key is the product of the first terminal coefficient and the system feature value, and the encrypted terminal public key is the product of a server pseudo-random code and the terminal public key;
computing, by means of a bilinear map, a terminal verification value from the encrypted terminal public key and the terminal pseudo-random code, the terminal verification value being equal to the product of the terminal pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted terminal public key and the terminal private key;
judging the correctness of the key agreement by comparing the terminal verification value with a server verification value.
In a second aspect, an embodiment of the present invention further provides a key negotiation method applied to a server, the method including:
obtaining the host ID sent by a terminal;
sending the public parameters used in the key agreement process and the server identification code to the terminal, wherein the public parameters include a system feature value;
obtaining the encrypted server public key sent by the terminal, wherein the server public key is the product of a first server coefficient and the system feature value, and the encrypted server public key is the product of a terminal pseudo-random code and the server public key;
computing a server private key from the public parameters and the server identification code, computing a terminal public key from the public parameters and the host ID, and sending the encrypted terminal public key to the terminal, wherein the server private key is the product of a second server coefficient and the system feature value, the terminal public key is the product of a first terminal coefficient and the system feature value, the encrypted terminal public key is the product of a server pseudo-random code and the terminal public key, the first terminal coefficient and the second server coefficient are either included in the public parameters or can be calculated from one or more of the public parameters, the host ID and the server identification code, and the product of the second server coefficient and the first server coefficient is a non-zero constant;
computing, by means of a bilinear map, a server verification value from the encrypted server public key and the server pseudo-random code, the server verification value being equal to the product of the server pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted server public key and the server private key;
judging the correctness of the key agreement by comparing a terminal verification value with the server verification value.
In a third aspect, an embodiment of the present invention further provides a terminal, the terminal including:
a first sending module, configured to send a host ID to a server;
a first acquisition module, configured to obtain the public parameters and the server identification code sent by the server, wherein the public parameters include a system feature value;
a first key computing module, configured to compute a terminal private key from the public parameters and the host ID, compute a server public key from the public parameters and the server identification code, and send the encrypted server public key to the server, wherein the terminal private key is the product of a second terminal coefficient and the system feature value, the server public key is the product of a first server coefficient and the system feature value, the encrypted server public key is the product of a terminal pseudo-random code and the server public key, the second terminal coefficient and the first server coefficient are either included in the public parameters or can be calculated from one or more of the public parameters, the host ID and the server identification code, and the product of the second terminal coefficient and a first terminal coefficient is a non-zero constant;
a first key acquisition module, configured to obtain the encrypted terminal public key sent by the server, wherein the terminal public key is the product of the first terminal coefficient and the system feature value, and the encrypted terminal public key is the product of a server pseudo-random code and the terminal public key;
a first verification value computing module, configured to compute, by means of a bilinear map, a terminal verification value from the encrypted terminal public key and the terminal pseudo-random code, the terminal verification value being equal to the product of the terminal pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted terminal public key and the terminal private key;
a first verification module, configured to judge the correctness of the key agreement by comparing the terminal verification value with a server verification value.
In a fourth aspect, an embodiment of the present invention further provides a server, the server including:
a second acquisition module, configured to obtain the host ID sent by a terminal;
a second sending module, configured to send the public parameters used in the key agreement process and the server identification code to the terminal, wherein the public parameters include a system feature value;
a second key acquisition module, configured to obtain the encrypted server public key sent by the terminal, wherein the server public key is the product of a first server coefficient and the system feature value, and the encrypted server public key is the product of a terminal pseudo-random code and the server public key;
a second key computing module, configured to compute a server private key from the public parameters and the server identification code, compute a terminal public key from the public parameters and the host ID, and send the encrypted terminal public key to the terminal, wherein the server private key is the product of a second server coefficient and the system feature value, the terminal public key is the product of a first terminal coefficient and the system feature value, the encrypted terminal public key is the product of a server pseudo-random code and the terminal public key, the first terminal coefficient and the second server coefficient are either included in the public parameters or can be calculated from one or more of the public parameters, the host ID and the server identification code, and the product of the second server coefficient and the first server coefficient is a non-zero constant;
a second verification value computing module, configured to compute, by means of a bilinear map, a server verification value from the encrypted server public key and the server pseudo-random code, the server verification value being equal to the product of the server pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted server public key and the server private key;
a second verification module, configured to judge the correctness of the key agreement by comparing a terminal verification value with the server verification value.
With the key negotiation method, terminal and server provided by embodiments of the present invention, keys are computed and verified on the fly before secure communication takes place, so the keys needed in the secure communication can be generated in real time; no separate storage space has to be set aside to manage them, which saves the storage space otherwise used to manage the keys used in secure communication.
Description of the drawings
Other features, objects and advantages of the present invention will become more apparent from reading the following detailed description of non-limiting embodiments with reference to the accompanying drawings:
Fig. 1 is a flow chart of the key negotiation method provided by the first embodiment of the invention;
Fig. 2 is a flow chart of the key negotiation method provided by the second embodiment of the invention;
Fig. 3 is an interaction diagram of the key negotiation method provided by the third embodiment of the invention;
Fig. 4 is a structure diagram of the terminal provided by the fourth embodiment of the invention;
Fig. 5 is a structure diagram of the server provided by the fifth embodiment of the invention.
Detailed description
The present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it. It should also be noted that, for ease of description, the drawings show only some, not all, of the content related to the present invention.
First embodiment
This embodiment provides a technical solution for a key negotiation method. The key negotiation method is executed by the terminal. The terminal is the party that requests the startup password in the startup password request exchange.
Referring to Fig. 1, the key negotiation method includes:
S11: Send the host ID to the server.
The host ID $ID_a$ is an identity code that uniquely distinguishes the terminal from other terminals. During key agreement the relationship between the server and the terminals is one-to-many, that is, the server can negotiate keys with several terminals at the same time. So that different terminals can be uniquely distinguished during the key agreement exchange, the terminal sends its own host ID $ID_a$ to the server at the start of the key agreement process.
S12: Obtain the public parameters and the server identification code sent by the server, wherein the public parameters include the system feature value.
Specifically, the public parameters include: the system feature value $P$, the coefficient radix $s$ and the hash function $H$.
S13: Compute the terminal private key from the public parameters and the host ID, compute the server public key from the public parameters and the server identification code, and send the encrypted server public key to the server.
After sending the host ID $ID_a$ to the server, the terminal receives from the server the public parameters and the server identification code $ID_m$ fed back by the server. The public parameters are parameters of which both the terminal and the server retain a backup during key agreement, with identical values in the two backups. Specifically, the public parameters include: the system feature value $P$, the coefficient radix $s$ and the hash function $H$.
Specifically, the terminal computes the terminal private key according to formula (1):
$$A_{pri} = [s + H(ID_a)]^{-1} \times P \qquad (1)$$
where $s$ is the coefficient radix, $P$ is the system feature value, $ID_a$ is the host ID, $A_{pri}$ is the terminal private key, $H$ is the hash function, and $[s + H(ID_a)]^{-1}$ is the second terminal coefficient. It can be seen that the second terminal coefficient can be calculated from the public parameters and the host ID.
Further, the product of the second terminal coefficient and the first terminal coefficient referred to below is a constant, and the value of this constant cannot be 0.
It should be noted that the way the second terminal coefficient is calculated is not fixed; ways other than that of this embodiment may be used, and the present invention places no limitation on this. Whichever way of calculating is used, however, the product of the second terminal coefficient and the first terminal coefficient must remain a constant.
Because the way the first terminal coefficient and the second terminal coefficient are calculated is not fixed, it is harder for a third party to attack the key agreement process, which improves the security of the key agreement process.
Next, the terminal computes the server public key according to formula (2):
$$M_{pub} = [s + H(ID_m)] \times P \qquad (2)$$
where $s$ is the coefficient radix, $P$ is the system feature value, $ID_m$ is the server identification code, $M_{pub}$ is the server public key, and $[s + H(ID_m)]$ is the first server coefficient. It can be seen that the first server coefficient can be calculated from the public parameters and the server identification code.
Further, the product of the first server coefficient and the second server coefficient referred to below is a constant.
Because the server public key is calculated from the server identification code, the system feature value and the system radix, parameters of which the server retains a backup, the server public key calculated by the terminal is self-certifying to the server.
The encrypted server public key is given by formula (3):
$$M'_{pub} = r_a \times M_{pub} \qquad (3)$$
where $M'_{pub}$ is the encrypted server public key, $r_a$ is the terminal pseudo-random code generated by the terminal, and $M_{pub}$ is the server public key.
Encrypting the server public key with the terminal pseudo-random code improves the robustness of the key agreement process and can further protect the key agreement process against malicious attack by a third party.
S14: Obtain the encrypted terminal public key sent by the server.
The terminal public key is the product of the first terminal coefficient and the system feature value. The encrypted terminal public key is the product of the server pseudo-random code and the terminal public key.
S15: By means of a bilinear map, compute the terminal verification value from the encrypted terminal public key and the terminal pseudo-random code. The terminal verification value is equal to the product of the terminal pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted terminal public key and the terminal private key.
Specifically, the terminal verification value is given by formula (4):
$$Ve_a = e(A'_{pub}, A_{pri})^{r_a} = e\big(r_m \cdot [s + H(ID_a)] \cdot P,\ [s + H(ID_a)]^{-1} \cdot P\big)^{r_a} = e(P, P)^{r_a r_m} \qquad (4)$$
where $Ve_a$ is the terminal verification value, $A'_{pub}$ is the encrypted terminal public key, $A_{pri}$ is the terminal private key, and $e$ is the bilinear map. Specifically, the bilinear map can be either the Tate pairing or the Weil pairing. The derivation of formula (4) uses the bilinearity of the map $e$.
S16: Judge the correctness of the key agreement by comparing the terminal verification value with the server verification value.
In this embodiment, before secure communication is carried out, the terminal side runs the on-the-fly computation of the keys, so that the keys needed in the secure communication can be generated in real time.
Second embodiment
This embodiment provides another technical solution for a key negotiation method. The key negotiation method is executed by the server. The server-side key negotiation method provided by this embodiment is the counterpart of the terminal-side key negotiation method provided by the first embodiment; combined, the two form one complete key agreement process.
Referring to Fig. 2, the key negotiation method includes:
S21: Obtain the host ID sent by the terminal.
S22: Send the public parameters used in the key agreement process and the server identification code to the terminal, wherein the public parameters include the system feature value.
After receiving the host ID $ID_a$ sent by the terminal, the server sends the public parameters and the server identification code $ID_m$ to the terminal.
Specifically, as described in the first embodiment of the invention, the public parameters include: the system feature value $P$, the coefficient radix $s$ and the hash function $H$.
The server identification code $ID_m$ is the unique identity number of the server.
S23: Obtain the encrypted server public key sent by the terminal.
The server public key is the product of the first server coefficient and the system feature value. The encrypted server public key is the product of the terminal pseudo-random code and the server public key.
S24: Compute the server private key from the public parameters and the server identification code, compute the terminal public key from the public parameters and the host ID, and send the encrypted terminal public key to the terminal.
Specifically, the server computes the server private key according to formula (5):
$$M_{pri} = [s + H(ID_m)]^{-1} \times P \qquad (5)$$
where $s$ is the coefficient radix, $P$ is the system feature value, $ID_m$ is the server identification code, $M_{pri}$ is the server private key, $H$ is the hash function, and $[s + H(ID_m)]^{-1}$ is the second server coefficient. It can be seen that the second server coefficient can be calculated from the public parameters and the server identification code.
Further, the product of the second server coefficient and the first server coefficient is a constant.
It should be noted that the way the second server coefficient is calculated is not fixed; ways other than that of this embodiment may be used, and the present invention places no limitation on this. Whichever way of calculating is used, however, the product of the second server coefficient and the first server coefficient must remain a constant.
Because the way the first server coefficient and the second server coefficient are calculated is not fixed, it is harder for a third party to attack the key agreement process, which improves the security of the key agreement process.
The server computes the terminal public key according to formula (6):
$$A_{pub} = [s + H(ID_a)] \times P \qquad (6)$$
where $s$ is the coefficient radix, $P$ is the system feature value, $ID_a$ is the host ID, $A_{pub}$ is the terminal public key, $H$ is the hash function, and $[s + H(ID_a)]$ is the first terminal coefficient. It can be seen that the first terminal coefficient can be calculated from the public parameters and the host ID.
Further, the product of the first terminal coefficient and the second terminal coefficient is a constant, and the value of this constant cannot be 0.
Because the terminal public key is calculated from the server identification code, the system feature value and the system radix, parameters of which the terminal retains a backup, the terminal public key calculated by the server is self-certifying to the terminal.
The encrypted terminal public key is given by formula (7):
$$A'_{pub} = r_m \times A_{pub} \qquad (7)$$
where $A'_{pub}$ is the encrypted terminal public key, $r_m$ is the server pseudo-random code generated by the server, and $A_{pub}$ is the terminal public key.
Encrypting the terminal public key with the server pseudo-random code improves the robustness of the key agreement process and can help protect the key agreement process against malicious attack by a third party.
S25: By means of a bilinear map, compute the server verification value from the encrypted server public key and the server pseudo-random code. The server verification value is equal to the product of the server pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted server public key and the server private key.
The server verification value is given by formula (8):
$$Ve_m = e(M'_{pub}, M_{pri})^{r_m} = e\big(r_a \cdot [s + H(ID_m)] \cdot P,\ [s + H(ID_m)]^{-1} \cdot P\big)^{r_m} = e(P, P)^{r_a r_m} \qquad (8)$$
where $Ve_m$ is the server verification value, $M'_{pub}$ is the encrypted server public key, $M_{pri}$ is the server private key, and $e$ is the bilinear map. Specifically, the bilinear map can be either the Tate pairing or the Weil pairing. The derivation of formula (8) uses the bilinearity of the map $e$.
S26: Judge the correctness of the key agreement by comparing the terminal verification value with the server verification value.
According to the derivations of formula (4) and formula (8), the terminal verification value and the server verification value should be the same. The terminal can therefore judge the correctness of the above key agreement process by comparing the two values.
In this embodiment, before secure communication is carried out, the server side runs the on-the-fly computation and on-the-fly verification of the keys, so that the keys needed in the secure communication are generated in real time.
3rd embodiment
This embodiment provides a technical solution for a key negotiation method. In this technical solution, the key negotiation method is executed by the terminal side and the server side.
Referring to Fig. 3, the key negotiation method includes:
S31: The terminal sends the host ID to the server.
S32: The server sends the public parameters used in the key agreement process and the server identification code to the terminal, wherein the public parameters include the system feature value.
S33: The terminal computes the terminal private key from the public parameters and the host ID, computes the server public key from the public parameters and the server identification code, and sends the encrypted server public key to the server.
S34: The server computes the server private key from the public parameters and the server identification code, computes the terminal public key from the public parameters and the host ID, and sends the encrypted terminal public key to the terminal.
S35: By means of a bilinear map, the terminal computes the terminal verification value from the encrypted terminal public key and the terminal pseudo-random code. The terminal verification value is equal to the product of the terminal pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted terminal public key and the terminal private key.
S36: By means of a bilinear map, the server computes the server verification value from the encrypted server public key and the server pseudo-random code. The server verification value is equal to the product of the server pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted server public key and the server private key.
S37: The terminal judges the correctness of the key agreement by comparing the terminal verification value with the server verification value.
S38: The server judges the correctness of the key agreement by comparing the terminal verification value with the server verification value.
In this embodiment, before secure communication is carried out, the terminal side and the server side run the on-the-fly computation and on-the-fly verification of the keys, so that the keys needed in the secure communication can be generated in real time.
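Steps S31 to S38 with formulas (1) to (8), simulated end to end as an added example (not code from the patent). The pairing is a constructed toy model with tiny, insecure parameters, and `pick_radix`, `run_agreement` and `recompute_from_transcript` are hypothetical names; the last one checks which inputs the agreed value depends on when $s$ travels in the public parameters, as the text states.

```python
import hashlib
import secrets

# Toy bilinear group, constructed for illustration and NOT secure: the point
# k*P is stored as the integer k mod Q, and e(x*P, y*P) = G^(x*y) mod MOD.
Q = 1019      # prime order of the point group and of the target group
MOD = 2039    # prime with MOD - 1 = 2 * Q
G = 4         # element of order Q modulo MOD; stands for e(P, P)
P = 1         # system feature value P, stored as 1*P


def H(identity: str) -> int:
    """Hash function H of the public parameters, reduced into Z_Q."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % Q


def smul(k: int, point: int) -> int:
    """Scalar multiplication k * point in the toy point group."""
    return (k * point) % Q


def pairing(x: int, y: int) -> int:
    """Toy bilinear map e: e(a*X, b*Y) == e(X, Y)^(a*b)."""
    return pow(G, (x * y) % Q, MOD)


def coeff(s: int, identity: str) -> int:
    """First coefficient s + H(ID); it must be invertible so that the product
    with the second coefficient [s + H(ID)]^-1 is the non-zero constant 1."""
    c = (s + H(identity)) % Q
    if c == 0:
        raise ValueError("s + H(ID) is 0 mod Q: no inverse, pick another s")
    return c


def pick_radix(*identities: str) -> int:
    """Smallest coefficient radix s usable for every given identity."""
    for s in range(2, Q):
        if all((s + H(i)) % Q for i in identities):
            return s
    raise ValueError("no usable coefficient radix")


def verification_value(enc_pub: int, pri: int, r: int) -> int:
    """Formulas (4)/(8): the 'product' with the pseudo-random code is an
    exponentiation, because the target group is written multiplicatively."""
    return pow(pairing(enc_pub, pri), r, MOD)


def run_agreement(id_a: str, id_m: str, s: int) -> dict:
    # Terminal side (S33)
    r_a = secrets.randbelow(Q - 1) + 1              # terminal pseudo-random code
    a_pri = smul(pow(coeff(s, id_a), -1, Q), P)     # (1)
    m_pub_enc = smul(r_a, smul(coeff(s, id_m), P))  # (2) then (3)
    # Server side (S34)
    r_m = secrets.randbelow(Q - 1) + 1              # server pseudo-random code
    m_pri = smul(pow(coeff(s, id_m), -1, Q), P)     # (5)
    a_pub_enc = smul(r_m, smul(coeff(s, id_a), P))  # (6) then (7)
    return {
        "m_pub_enc": m_pub_enc, "a_pub_enc": a_pub_enc,   # values on the wire
        "r_m": r_m, "m_pri": m_pri,
        "ve_a": verification_value(a_pub_enc, a_pri, r_a),    # (4), S35
        "ve_m": verification_value(m_pub_enc, m_pri, r_m),    # (8), S36
        "expected": pow(G, (r_a * r_m) % Q, MOD),             # e(P, P)^(r_a r_m)
    }


def recompute_from_transcript(s, id_a, id_m, m_pub_enc, a_pub_enc) -> int:
    """Design-review check: uses only the public parameters, the two IDs and
    the two blinded public keys, with scalar multiplication and the pairing."""
    ra_p = smul(pow(coeff(s, id_m), -1, Q), m_pub_enc)   # r_a * P
    rm_p = smul(pow(coeff(s, id_a), -1, Q), a_pub_enc)   # r_m * P
    return pairing(ra_p, rm_p)


if __name__ == "__main__":
    ids = ("terminal-001", "server-A")          # constructed sample identities
    out = run_agreement(*ids, pick_radix(*ids))
    print("Ve_a == Ve_m:", out["ve_a"] == out["ve_m"])
```

Because $s$, $H$ and $P$ are all in the public parameters, `recompute_from_transcript` reproduces the verification value from the two blinded public keys alone, so a review of a deployment should establish how $s$ and the resulting value are kept confidential.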
Fourth embodiment
This embodiment provides a technical solution for a terminal. Referring to Fig. 4, the terminal includes: a first sending module 41, a first acquisition module 42, a first key computing module 43, a first key acquisition module 44, a first verification value computing module 45 and a first verification module 46.
The first sending module 41 is configured to send the host ID to the server.
The first acquisition module 42 is configured to obtain the public parameters and the server identification code sent by the server, wherein the public parameters include the system feature value.
The first key computing module 43 is configured to compute the terminal private key from the public parameters and the host ID, compute the server public key from the public parameters and the server identification code, and send the encrypted server public key to the server, wherein the terminal private key is the product of the second terminal coefficient and the system feature value, the server public key is the product of the first server coefficient and the system feature value, the encrypted server public key is the product of the terminal pseudo-random code and the server public key, the second terminal coefficient and the first server coefficient are either included in the public parameters or can be calculated from one or more of the public parameters, the host ID and the server identification code, and the product of the second terminal coefficient and the first terminal coefficient is a non-zero constant.
The first key acquisition module 44 is configured to obtain the encrypted terminal public key sent by the server, wherein the terminal public key is the product of the first terminal coefficient and the system feature value, and the encrypted terminal public key is the product of the server pseudo-random code and the terminal public key.
The first verification value computing module 45 is configured to compute, by means of a bilinear map, the terminal verification value from the encrypted terminal public key and the terminal pseudo-random code, the terminal verification value being equal to the product of the terminal pseudo-random code and the mapping value obtained by applying the bilinear map to the encrypted terminal public key and the terminal private key.
The first verification module 46 is configured to judge the correctness of the key agreement by comparing the terminal verification value with the server verification value.
Further, the public parameters include: the system feature value $P$, the coefficient radix $s$ and the hash function $H$.
Further, the first key computing module 42 is specifically configured to:
compute the terminal private key according to the following formula:
$$A_{pri} = [s + H(ID_a)]^{-1} \times P$$
compute the server public key according to the following formula:
$$M_{pub} = [s + H(ID_m)] \times P$$
encrypt the server public key according to the following formula:
$$M'_{pub} = r_a \times M_{pub}$$
send the encrypted server public key to the server;
where $s$ is the coefficient radix, $P$ is the system feature value, $ID_a$ is the host ID, $ID_m$ is the server identification code, $H$ is the hash function, $A_{pri}$ is the terminal private key, $M_{pub}$ is the server public key, $M'_{pub}$ is the encrypted server public key, $r_a$ is the terminal pseudo-random code, $[s + H(ID_a)]^{-1}$ is the second terminal coefficient, and $[s + H(ID_m)]$ is the first server coefficient.
5th embodiment
This embodiment provides a technical solution for a server. Referring to Fig. 5, the server includes: a second acquisition module 51, a second sending module 52, a second key acquisition module 53, a second key calculation module 54, a second validation value computing module 55 and a second authentication module 56.
The second acquisition module 51 is used to obtain the host ID sent by the terminal.
The second sending module 52 is used to send the open parameter used in the key agreement process and the server identification code to the terminal, wherein the open parameter includes the system features value.
The second key acquisition module 53 is used to obtain the encrypted server public key sent by the terminal, wherein the server public key is the product of the first server coefficient and the system features value, and the encrypted server public key is the product of the terminal pseudo noise code and the server public key.
The second key calculation module 54 is used to calculate the server private key according to the open parameter and the server identification code, to calculate the terminal public key according to the open parameter and the host ID, and to send the encrypted terminal public key to the terminal, wherein the server private key is the product of the second server coefficient and the system features value, the terminal public key is the product of the first terminal coefficient and the system features value, and the encrypted terminal public key is the product of the server pseudo noise code and the terminal public key. The first terminal coefficient and the second server coefficient are included in the open parameter, or can be calculated from one or several of the open parameter, the host ID and the server identification code. The product of the second server coefficient and the first server coefficient is a non-zero fixed value.
The second validation value computing module 55 is used to calculate, through bilinear mapping, the server authentication value according to the encrypted server public key and the server pseudo noise code. The server authentication value is equal to the product of the server pseudo noise code and the mapping value obtained by performing the bilinear map on the encrypted server public key and the server private key.
The second authentication module 56 is used to judge the accuracy of the key agreement by comparing the terminal authentication value with the server authentication value.
Further, the open parameter includes: the system features value P, the coefficient radix s and the hash function H.
Further, the second key calculation module 52 is specifically used to:
calculate the server private key according to the following formula:
$M_{pri} = [s + H(ID_m)]^{-1} \times P$
calculate the terminal public key according to the following formula:
$A_{pub} = [s + H(ID_a)] \times P$
encrypt the terminal public key according to the following formula:
$A'_{pub} = r_m \times A_{pub}$
and send the encrypted terminal public key to the terminal;
where s is the coefficient radix, P is the system features value, $ID_a$ is the host ID, $ID_m$ is the server identification code, H is the hash function, $r_m$ is the server pseudo noise code, $M_{pri}$ is the server private key, $A_{pub}$ is the terminal public key, $A'_{pub}$ is the encrypted terminal public key, $[s + H(ID_m)]^{-1}$ is the second server coefficient, and $[s + H(ID_a)]$ is the first terminal coefficient.
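The terminal-side and server-side formulas above can be checked against each other. The following is an added example, not code from the patent: it models each group element and pairing value by its exponent modulo a prime (an assumption that keeps only the bilinearity the text relies on) and reads "product of the mapping value and the pseudo noise code" as applying the code as a scalar to the pairing value. The names `negotiate`, `private_key`, `public_key`, the prime `Q` and the identifiers used with it are hypothetical.

```python
import hashlib
import secrets

# Toy algebraic model (assumption, not a real pairing library):
# a group element a x P is stored as the scalar a mod Q, and a pairing value
# e(P, P)^x is stored as the exponent x mod Q, so e(a x P, b x P) -> a*b mod Q.
Q = 2**127 - 1          # prime group order, chosen only for this demo
P = 1                   # system features value P (the generator) in this model


def H(identifier: str) -> int:
    """Hash function H from the open parameter, reduced into Z_Q."""
    digest = hashlib.sha256(identifier.encode()).digest()
    return int.from_bytes(digest, "big") % Q


def pairing(x: int, y: int) -> int:
    """Bilinear map in the exponent model: e(x x P, y x P) = e(P, P)^(x*y)."""
    return (x * y) % Q


def private_key(s: int, identifier: str) -> int:
    """[s + H(ID)]^-1 x P: A_pri for ID_a, M_pri for ID_m.

    The inputs are exactly the ones the formula names: s, H, the ID and P.
    """
    return pow((s + H(identifier)) % Q, -1, Q) * P % Q


def public_key(s: int, identifier: str) -> int:
    """[s + H(ID)] x P: A_pub for ID_a, M_pub for ID_m."""
    return (s + H(identifier)) % Q * P % Q


def negotiate(s, id_a, id_m, id_a_seen_by_server=None):
    """Run both sides once; return (terminal value, server value)."""
    id_seen = id_a if id_a_seen_by_server is None else id_a_seen_by_server
    r_a = secrets.randbelow(Q - 1) + 1      # terminal pseudo noise code
    r_m = secrets.randbelow(Q - 1) + 1      # server pseudo noise code

    # Terminal: A_pri, M_pub, then M'_pub = r_a x M_pub (sent to the server).
    a_pri = private_key(s, id_a)
    m_pub_enc = r_a * public_key(s, id_m) % Q

    # Server: M_pri, A_pub, then A'_pub = r_m x A_pub (sent to the terminal).
    m_pri = private_key(s, id_m)
    a_pub_enc = r_m * public_key(s, id_seen) % Q

    # Each side pairs the received value with its own private key and
    # applies its own pseudo noise code to the result.
    terminal_value = pairing(a_pub_enc, a_pri) * r_a % Q
    server_value = pairing(m_pub_enc, m_pri) * r_m % Q
    return terminal_value, server_value
```

When both sides use the same host ID, each value reduces to the exponent r_a x r_m, because [s + H(ID)] and its inverse cancel inside the pairing; if the server computes the terminal public key from a different ID, the cancellation fails and the comparison step rejects the run.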
Those skilled in the art will appreciate that each module or step of the invention described above can be implemented with a general-purpose computing device. They can be concentrated on a single computing device or distributed over a network formed by multiple computing devices. Optionally, they can be implemented as program code executable by a computing device, so that they can be stored in a storage device and executed by a computing device; alternatively, they can each be fabricated as an individual integrated circuit module, or several of the modules or steps can be fabricated as a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
Each embodiment in this specification is described in a progressive manner. Each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments can be referred to one another.
The foregoing is merely the preferred embodiments of the present invention and is not intended to limit the invention; for those skilled in the art, the present invention can have various modifications and changes. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall be included in the protection scope of the present invention.

Claims (8)

1. A cryptographic key negotiation method, applied to a terminal, characterized by comprising:
sending a host ID to a server;
obtaining the open parameter and the server identification code sent by the server, wherein the open parameter includes a system features value;
calculating a terminal private key according to the open parameter and the host ID, calculating a server public key according to the open parameter and the server identification code, and sending the encrypted server public key to the server, wherein the terminal private key is the product of a second terminal coefficient and the system features value, the server public key is the product of a first server coefficient and the system features value, the encrypted server public key is the product of a terminal pseudo noise code and the server public key, the second terminal coefficient and the first server coefficient are included in the open parameter or can be calculated from one or several of the open parameter, the host ID and the server identification code, and the product of the second terminal coefficient and a first terminal coefficient is a non-zero fixed value;
obtaining the encrypted terminal public key sent by the server, wherein the terminal public key is the product of the first terminal coefficient and the system features value, and the encrypted terminal public key is the product of a server pseudo noise code and the terminal public key;
calculating, through bilinear mapping, a terminal authentication value according to the encrypted terminal public key and the terminal pseudo noise code, wherein the terminal authentication value is equal to the product of the terminal pseudo noise code and the mapping value obtained by performing the bilinear map on the encrypted terminal public key and the terminal private key;
judging the accuracy of the key agreement by comparing the terminal authentication value with a server authentication value.
2. The method according to claim 1, characterized in that the open parameter includes: the system features value P, the coefficient radix s and the hash function H.
3. The method according to claim 2, characterized in that calculating the terminal private key according to the open parameter and the host ID, calculating the server public key according to the open parameter and the server identification code, and sending the encrypted server public key to the server comprises:
calculating the terminal private key according to the following formula:
$A_{pri} = [s + H(ID_a)]^{-1} \times P$
calculating the server public key according to the following formula:
$M_{pub} = [s + H(ID_m)] \times P$
encrypting the server public key according to the following formula:
$M'_{pub} = r_a \times M_{pub}$
sending the encrypted server public key to the server;
where s is the coefficient radix, P is the system features value, $ID_a$ is the host ID, $ID_m$ is the server identification code, H is the hash function, $A_{pri}$ is the terminal private key, $M_{pub}$ is the server public key, $M'_{pub}$ is the encrypted server public key, $r_a$ is the terminal pseudo noise code, $[s + H(ID_a)]^{-1}$ is the second terminal coefficient, and $[s + H(ID_m)]$ is the first server coefficient.
4. A cryptographic key negotiation method, applied to a server, characterized by comprising:
obtaining the host ID sent by a terminal;
sending the open parameter used in the key agreement process and the server identification code to the terminal, wherein the open parameter includes a system features value;
obtaining the encrypted server public key sent by the terminal, wherein the server public key is the product of a first server coefficient and the system features value, and the encrypted server public key is the product of a terminal pseudo noise code and the server public key;
calculating a server private key according to the open parameter and the server identification code, calculating a terminal public key according to the open parameter and the host ID, and sending the encrypted terminal public key to the terminal, wherein the server private key is the product of a second server coefficient and the system features value, the terminal public key is the product of a first terminal coefficient and the system features value, the encrypted terminal public key is the product of a server pseudo noise code and the terminal public key, the first terminal coefficient and the second server coefficient are included in the open parameter or can be calculated from one or several of the open parameter, the host ID and the server identification code, and the product of the second server coefficient and the first server coefficient is a non-zero fixed value;
calculating, through bilinear mapping, a server authentication value according to the encrypted server public key and the server pseudo noise code, wherein the server authentication value is equal to the product of the server pseudo noise code and the mapping value obtained by performing the bilinear map on the encrypted server public key and the server private key;
judging the accuracy of the key agreement by comparing a terminal authentication value with the server authentication value.
5. The method according to claim 4, characterized in that the open parameter further includes: the system features value P, the coefficient radix s and the hash function H.
6. The method according to claim 5, characterized in that calculating the server private key according to the open parameter and the server identification code, calculating the terminal public key according to the open parameter and the host ID, and sending the encrypted terminal public key to the terminal comprises:
calculating the server private key according to the following formula:
$M_{pri} = [s + H(ID_m)]^{-1} \times P$
calculating the terminal public key according to the following formula:
$A_{pub} = [s + H(ID_a)] \times P$
encrypting the terminal public key according to the following formula:
$A'_{pub} = r_m \times A_{pub}$
sending the encrypted terminal public key to the terminal;
where s is the coefficient radix, P is the system features value, $ID_a$ is the host ID, $ID_m$ is the server identification code, H is the hash function, $r_m$ is the server pseudo noise code, $M_{pri}$ is the server private key, $A_{pub}$ is the terminal public key, $A'_{pub}$ is the encrypted terminal public key, $[s + H(ID_m)]^{-1}$ is the second server coefficient, and $[s + H(ID_a)]$ is the first terminal coefficient.
7. A terminal, characterized by comprising:
a first sending module, for sending a host ID to a server;
a first acquisition module, for obtaining the open parameter and the server identification code sent by the server, wherein the open parameter includes a system features value;
a first key computing module, for calculating a terminal private key according to the open parameter and the host ID, calculating a server public key according to the open parameter and the server identification code, and sending the encrypted server public key to the server, wherein the terminal private key is the product of a second terminal coefficient and the system features value, the server public key is the product of a first server coefficient and the system features value, the encrypted server public key is the product of a terminal pseudo noise code and the server public key, the second terminal coefficient and the first server coefficient are included in the open parameter or can be calculated from one or several of the open parameter, the host ID and the server identification code, and the product of the second terminal coefficient and a first terminal coefficient is a non-zero fixed value;
a first key acquisition module, for obtaining the encrypted terminal public key sent by the server, wherein the terminal public key is the product of the first terminal coefficient and the system features value, and the encrypted terminal public key is the product of a server pseudo noise code and the terminal public key;
a first validation value computing module, for calculating, through bilinear mapping, a terminal authentication value according to the encrypted terminal public key and the terminal pseudo noise code, wherein the terminal authentication value is equal to the product of the terminal pseudo noise code and the mapping value obtained by performing the bilinear map on the encrypted terminal public key and the terminal private key;
a first authentication module, for judging the accuracy of the key agreement by comparing the terminal authentication value with a server authentication value.
8. A server, characterized by comprising:
a second acquisition module, for obtaining the host ID sent by a terminal;
a second sending module, for sending the open parameter used in the key agreement process and the server identification code to the terminal, wherein the open parameter includes a system features value;
a second key acquisition module, for obtaining the encrypted server public key sent by the terminal, wherein the server public key is the product of a first server coefficient and the system features value, and the encrypted server public key is the product of a terminal pseudo noise code and the server public key;
a second key calculation module, for calculating a server private key according to the open parameter and the server identification code, calculating a terminal public key according to the open parameter and the host ID, and sending the encrypted terminal public key to the terminal, wherein the server private key is the product of a second server coefficient and the system features value, the terminal public key is the product of a first terminal coefficient and the system features value, the encrypted terminal public key is the product of a server pseudo noise code and the terminal public key, the first terminal coefficient and the second server coefficient are included in the open parameter or can be calculated from one or several of the open parameter, the host ID and the server identification code, and the product of the second server coefficient and the first server coefficient is a non-zero fixed value;
a second validation value computing module, for calculating, through bilinear mapping, a server authentication value according to the encrypted server public key and the server pseudo noise code, wherein the server authentication value is equal to the product of the server pseudo noise code and the mapping value obtained by performing the bilinear map on the encrypted server public key and the server private key;
a second authentication module, for judging the accuracy of the key agreement by comparing a terminal authentication value with the server authentication value.
CN201510738170.4A 2015-11-02 2015-11-02 Cryptographic key negotiation method, terminal and server Expired - Fee Related CN105406961B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510738170.4A CN105406961B (en) 2015-11-02 2015-11-02 Cryptographic key negotiation method, terminal and server

Publications (2)

Publication Number Publication Date
CN105406961A CN105406961A (en) 2016-03-16
CN105406961B true CN105406961B (en) 2018-08-07

Family

ID=55472226

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510738170.4A Expired - Fee Related CN105406961B (en) 2015-11-02 2015-11-02 Cryptographic key negotiation method, terminal and server

Country Status (1)

Country Link
CN (1) CN105406961B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109151818B (en) * 2018-08-07 2021-08-17 西安易朴通讯技术有限公司 Terminal verification method, AP (access point) equipment, terminal and system
CN110868285B (en) * 2018-08-28 2023-05-19 中国电信股份有限公司 Authentication method, server, system, and computer-readable storage medium
CN110278080B (en) * 2019-07-11 2020-10-02 珠海格力电器股份有限公司 Method, system and computer readable storage medium for data transmission
CN115242480A (en) * 2022-07-15 2022-10-25 京东方科技集团股份有限公司 Device access method, system and non-volatile computer storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102232275A (en) * 2008-12-05 2011-11-02 松下电工株式会社 Key distribution system
CN103248488A (en) * 2013-05-14 2013-08-14 顾纯祥 Identity-based key generation method and identity-based authentication method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100571820B1 (en) * 2003-10-20 2006-04-17 삼성전자주식회사 Conference session key distribution method on ID-based cryptographic system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
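Identity based authenticated key agreement protocols from pairings;L. Chen;C. Kudla;《Computer Security Foundations Workshop, 2003. Proceedings. 16th IEEE》;20030702;full text *
Certificateless two-party authenticated key agreement protocol based on bilinear pairings;杨浩民; 张尧学; 周悦芝;《Journal of Tsinghua University (Science and Technology)》;20120930;full text *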

Also Published As

Publication number Publication date
CN105406961A (en) 2016-03-16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180807