CN107425973A - Public key amending method and device - Google Patents

Public key amending method and device Download PDF

Info

Publication number
CN107425973A
CN107425973A CN201710313053.2A CN201710313053A CN107425973A CN 107425973 A CN107425973 A CN 107425973A CN 201710313053 A CN201710313053 A CN 201710313053A CN 107425973 A CN107425973 A CN 107425973A
Authority
CN
China
Prior art keywords
public key
user terminal
user
terminal
renewal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710313053.2A
Other languages
Chinese (zh)
Other versions
CN107425973B (en
Inventor
田新雪
马书惠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201710313053.2A priority Critical patent/CN107425973B/en
Publication of CN107425973A publication Critical patent/CN107425973A/en
Application granted granted Critical
Publication of CN107425973B publication Critical patent/CN107425973B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the present invention provides a kind of public key amending method and device.This method includes:Node in peer-to-peer network receives the application information that user terminal is sent;At least one signing messages is verified;If the verification passes, then the user name of nodes records user terminal, renewal public key, update public key timestamp.The embodiment of the present invention receives the application information of user terminal transmission by node, application information includes the user name of user terminal, the public key of renewal, update the timestamp of public key, at least one signing messages, signing messages is the user name of the other users terminal-pair user terminal relevant with user terminal, the public key of renewal, the information that the timestamp of renewal public key obtains after being signed, when hacker or attacker change public key with the name of the user terminal, due to the signing messages of other users terminal that can not obtain associating with the user terminal, the public key of the user terminal can not be changed, so as to improve the security of modification public key.

Description

Public key amending method and device
Technical field
The present embodiments relate to communication technical field, more particularly to a kind of public key amending method and device.
Background technology
Public key encryption, also make asymmetric (key) to encrypt (public key encryption), belong under communication science and technology Network security two level subject, refer to the encryption being made up of corresponding a pair of unique keys (i.e. public-key cryptography and private cipher key) Method.It solves issue and the problem of management of key, is the core of current commercial code.In public encryption system, do not have Private key is disclosed, discloses public key.
Public key (Public Key) and private key (Private Key) are the keys obtained by a kind of algorithm to (i.e. One public key and a private key), public key is part disclosed in cipher key pair, and private key is then private part.Public key is generally used In encrypted session key, checking digital signature, or the data that encryption can be decrypted with corresponding private key.Obtained by this algorithm Key be worldwide unique to can guarantee that.Using this key to when, if added with one of key Close one piece of data, it is necessary to another secret key decryption.For example must just be decrypted with public key encryption data with private key, if using private key Encryption must also use public key decryptions, and otherwise decryption will not succeed.
Public key general record is recorded by the user for possessing book keeping operation power in distributed account book and is broadcast to other use Family.And private key is preserved by user oneself, user may be maintained in move media or PC, if move media Lose, the computer of networking can by hacker attacks, if so private key of some user because certain reason is revealed, this To be very serious security incident, it is therefore desirable to the public key of oneself is changed, but the public key modification side provided in the prior art The security of method is low.
The content of the invention
The embodiment of the present invention provides a kind of public key amending method and device, to improve the security for changing public key.
The one side of the embodiment of the present invention is to provide a kind of public key amending method, including:
Node in peer-to-peer network receives the application information that user terminal is sent, and it is whole that the application information includes the user The user name at end, the public key of renewal, timestamp, at least one signing messages for updating public key, at least one signing messages It is the user name of user terminal described in the other users terminal-pair relevant with the user terminal, the public key, more of renewal The information that the timestamp of new public key obtains after being signed;
The node is verified at least one signing messages;
If the verification passes, then the user name of user terminal described in the nodes records, the public key of renewal, renewal public key Timestamp.
The other side of the embodiment of the present invention is to provide a kind of public key modification device, including:
Receiving module, for receiving the application information of user terminal transmission, the application information includes the user terminal User name, renewal public key, update timestamp, at least one signing messages of public key, at least one signing messages is The user name of user terminal, the public key of renewal, renewal described in the other users terminal-pair relevant with the user terminal The information that the timestamp of public key obtains after being signed;
Authentication module, for being verified at least one signing messages;
Logging modle, for when being verified, recording the user name of the user terminal, the public key of renewal, renewal public affairs The timestamp of key.
Public key amending method and device provided in an embodiment of the present invention, the letter of application of user terminal transmission is received by node Breath, application information include the user name of user terminal, the public key of renewal, timestamp, at least one signing messages of renewal public key, Signing messages is the user name of the other users terminal-pair user terminal relevant with user terminal, the public key, more of renewal The information that the timestamp of new public key obtains after being signed, the node can be tested this application information according at least one signing messages Card, when the name modification public key of hacker or attacker with the user terminal, due to that can not obtain what is associated with the user terminal The signing messages of other users terminal, therefore the application information that the node in peer-to-peer network can not be sent to hacker or attacker is tested Card passes through, i.e., hacker or attacker can not change the public key of the user terminal, so as to improve the security of modification public key.
Brief description of the drawings
Fig. 1 is public key amending method flow chart provided in an embodiment of the present invention;
Fig. 2 is the structure chart that public key provided in an embodiment of the present invention changes device;
Fig. 3 is the structure chart that the public key that another embodiment of the present invention provides changes device.
Embodiment
Fig. 1 is public key amending method flow chart provided in an embodiment of the present invention.The embodiments of the invention provide public key modification Method, specific public key amending method step are as follows:
Step S101, the node in peer-to-peer network receives the log-on message that the user terminal is sent, the log-on message The timestamp of user name, original public key, original public key including the user terminal, the user name of the other users terminal.
When user terminal A adds peer-to-peer network (Peer to Peer, P2P) first, a pair of private key Key- of oneself are generated A11 and public key Key-A1, wherein, public key Key-A1 can be possible as the original public key of user terminal A, subsequent user terminal A The public key of oneself can be changed.Node of the user terminal A into peer-to-peer network sends log-on message, and it is whole that the log-on message includes user Hold A user name such as A, original public key such as Key-A1, original public key timestamp such as 2016-03-13 13:22:24、 The other users terminal relevant with user terminal A such as user terminal B and user terminal C user name such as B and C, Simply schematically illustrate herein, the present embodiment do not limit the number of the other users terminal relevant with user terminal A with And specific user terminal.The specific form of the log-on message is as shown in table 1:
Table 1
User name Public key Timestamp Other users
A Key-A1 2016-03-13 13:22:24 B, C
Step S102, described node receives the application information that user terminal is sent, and the application information includes the user The user name of terminal, the public key of renewal, timestamp, at least one signing messages for updating public key, at least one A.L.S. Breath be the user name of user terminal described in the other users terminal-pair relevant with the user terminal, renewal public key, The information that the timestamp of renewal public key obtains after being signed.
If the medium of the private key of user A oneself storages loses or user A thinks that the computer of oneself is invaded, then uses Family A private key may be obtained by a hacker possibility, then user A can initiate to P2P networks to change oneself public key by user terminal A A application, specifically, user A sends application information by node of the user terminal A into P2P networks, application information it is specific Form is as shown in table 2:
Table 2
User name Public key Timestamp User B signature User C signature
A Key-A2 2017-02-23 13:22:24 Signing messages-B Signing messages-C
As shown in table 2, the public key of oneself is revised as Key-A2, this application letter by user A by user terminal A from Key-A1 Breath includes the user name A of user terminal A, the public key Key-A2 of renewal, the timestamp 2017-02-23 13 of renewal public key:22: 24th, user B signature is signing messages-B, user C signature i.e. signing messages-C, wherein, signing messages-B generating process For:User terminal A by the user name A of user terminal A, renewal public key Key-A2, update public key timestamp 2017-02- 2313:22:24 are sent to user terminal B, and user terminal B is with the private key of oneself to the user name A of user terminal A, the public affairs of renewal Key Key-A2, the timestamp 2017-02-23 13 for updating public key:22:24 entirety are encrypted to obtain the signing messages-B, user Signing messages-B is sent to user terminal A by terminal B, and signing messages-B is put into application information as shown in table 2 by user terminal A In, and be published in peer-to-peer network;Similarly, signing messages-C is consistent with signing messages-B generating process principle, herein no longer Repeat.
Step S103, described node is verified at least one signing messages.
The node determines the user name of the other users terminal relevant with the user terminal.The node root According to the user name of the other users terminal, the public key of the other users terminal is obtained.
After the node in peer-to-peer network receives application information as shown in table 2, according to user terminal A in step S101 The log-on message of transmission is as shown in table 1, determines the entitled B of user of the other users terminal relevant with user terminal A And C, the node obtain user terminal B public key for example according to user terminal B user name B and user terminal C user name C Key-B and user terminal C public key such as Key-C, wherein, when user terminal B and user terminal C add peer-to-peer network first, A pair of the private keys and public key of oneself are generated, and the user name of oneself and public key form as shown in table 1 are published to peer-to-peer network In, therefore, the node in peer-to-peer network can obtain respectively according to the log-on message that user terminal B and user terminal C history are announced Get user terminal B public key such as Key-B and user terminal C public key such as Key-C.
At least one signing messages is decrypted using the public key of the other users terminal for the node, is obtained Information after decryption.Because signing messages-B is user terminal B user name As of the private key of oneself to user terminal A, renewal Public key Key-A2, the timestamp 2017-02-2313 for updating public key:22:24 entirety are encrypted what is obtained, therefore, peer-to-peer network In node signing messages-B can be decrypted using user terminal B public key such as Key-B, the letter after being decrypted Breath.
Step S104, if the verification passes, then the user name of user terminal described in the nodes records, renewal public key, Update the timestamp of public key.
The user name of information and the user terminal after the decryption, the public key of renewal, the timestamp one for updating public key Cause.If node using user terminal B public key such as Key-B signing messages-B is decrypted after decrypted after information With user terminal A announce user terminal A as shown in table 2 user name A, renewal public key Key-A2, renewal public key when Between stab 2017-02-23 13:22:24 be consistent, then it represents that user terminal B has been acknowledged the application information of user terminal A;Together Reason, if node using user terminal C public key such as Key-C signing messages-C is decrypted after decrypted after information With user terminal A announce user terminal A as shown in table 2 user name A, renewal public key Key-A2, renewal public key when Between stab 2017-02-23 13:22:24 be consistent, then it represents that user terminal C has been acknowledged the application information of user terminal A.
After being decrypted after signing messages-B is decrypted using user terminal B public key such as Key-B for node The user name A for the user terminal A as shown in table 2 that information is announced with user terminal A, the public key Key-A2 of renewal, renewal public key Timestamp 2017-02-23 13:22:24 is consistent, and node using user terminal C public key such as Key-C to signing messages- C decrypted after being decrypted after the user terminal A as shown in table 2 announced of information and user terminal A user name A, more New public key Key-A2, the timestamp 2017-02-23 13 of renewal public key:22:24 it is consistent when, node determine to user terminal A Application information be verified, record user terminal A user name A, renewal public key Key-A2, update public key timestamp 2017-02-23 13:22:24, meanwhile, original public key such as Key-A1 is replaced with the public key Key-A2 of renewal, with renewal public key Timestamp 2017-02-23 13:22:24 replace the timestamp such as 2016-03-13 13 of original public key:22:24.In addition, The node can also be by the user name A of user terminal A, the public key Key-A2 updated, the timestamp 2017-02-23 for updating public key 13:22:24 are broadcast to other nodes in peer-to-peer network, so that other nodes also replace original public affairs with the public key Key-A2 of renewal Key such as Key-A1, with the timestamp 2017-02-23 13 of renewal public key:22:24 replace the timestamp of original public key for example 2016-03-13 13:22:24, it is achieved thereby that user terminal changes the mechanism of oneself public key.
In addition, if node is solved after signing messages-B is decrypted using user terminal B public key such as Key-B The user name A for the user terminal A as shown in table 2 that information after close is announced with user terminal A, the public key Key-A2 of renewal, more The timestamp 2017-02-23 13 of new public key:22:24 is inconsistent, or node uses user terminal C public key such as Key-C The user terminal A as shown in table 2 that information after being decrypted after signing messages-C is decrypted is announced with user terminal A User name A, the public key Key-A2 of renewal, the timestamp 2017-02-23 13 of renewal public key:22:24 it is inconsistent when, the node pair The application information checking identification of user terminal A, the application information as shown in table 2 of user terminal A issue is abandoned.
The embodiment of the present invention receives the application information of user terminal transmission by node, and application information includes user terminal User name, the public key of renewal, timestamp, at least one signing messages of renewal public key, signing messages is relevant with user terminal After the user name of the other users terminal-pair user terminal of connection relation, the public key of renewal, the timestamp of renewal public key are signed Obtained information, the node can be according at least one signing messages to this application Information Authentication, when hacker or attacker are with the use During the name modification public key of family terminal, due to the signing messages of other users terminal that can not obtain associating with the user terminal, Therefore the application information that the node in peer-to-peer network can not be sent to hacker or attacker be verified, i.e., hacker or attacker without Method changes the public key of the user terminal, so as to improve the security of modification public key.
Fig. 2 is the structure chart that public key provided in an embodiment of the present invention changes device.Public key provided in an embodiment of the present invention is repaiied The handling process that can perform the offer of public key amending method embodiment is put in repacking, as shown in Fig. 2 20 include:Receiving module 21, test Module 22, logging modle 23 are demonstrate,proved, wherein, receiving module 21 is used for the application information for receiving user terminal transmission, the letter of application Breath includes the user name of the user terminal, the public key of renewal, timestamp, at least one signing messages of renewal public key, described At least one signing messages is the user of user terminal described in the other users terminal-pair relevant with the user terminal The information that name, the public key of renewal, the timestamp of renewal public key obtain after being signed;Authentication module 22 is used for described at least one Individual signing messages is verified;Logging modle 23 be used for when being verified, record the user terminal user name, renewal Public key, the timestamp for updating public key.
The embodiment of the present invention receives the application information of user terminal transmission by node, and application information includes user terminal User name, the public key of renewal, timestamp, at least one signing messages of renewal public key, signing messages is relevant with user terminal After the user name of the other users terminal-pair user terminal of connection relation, the public key of renewal, the timestamp of renewal public key are signed Obtained information, the node can be according at least one signing messages to this application Information Authentication, when hacker or attacker are with the use During the name modification public key of family terminal, due to the signing messages of other users terminal that can not obtain associating with the user terminal, Therefore the application information that the node in peer-to-peer network can not be sent to hacker or attacker be verified, i.e., hacker or attacker without Method changes the public key of the user terminal, so as to improve the security of modification public key.
Fig. 3 is the structure chart that the public key that another embodiment of the present invention provides changes device.On the basis of above-described embodiment, Receiving module 21 is additionally operable to receive the log-on message that the user terminal is sent, and the log-on message includes the user terminal User name, original public key, the timestamp of original public key, the user name of the other users terminal.
Authentication module 22 is specifically used for entering at least one signing messages using the public key of the other users terminal Row decryption, the information after being decrypted.It is described be verified including:Information and the user of the user terminal after the decryption Name, the public key of renewal, the timestamp of renewal public key are consistent.
In addition, public key modification device 20 also includes:Determining module 24 and obtain module 25, determining module 24 be used for determine with The user name of the relevant other users terminal of the user terminal;Module 25 is obtained to be used for according to other users end The user name at end, obtain the public key of the other users terminal.
Public key modification device provided in an embodiment of the present invention can be specifically used for performing the method implementation that above-mentioned Fig. 1 is provided Example, here is omitted for concrete function.
The embodiment of the present invention receives the application information of user terminal transmission by node, and application information includes user terminal User name, the public key of renewal, timestamp, at least one signing messages of renewal public key, signing messages is relevant with user terminal After the user name of the other users terminal-pair user terminal of connection relation, the public key of renewal, the timestamp of renewal public key are signed Obtained information, the node can be according at least one signing messages to this application Information Authentication, when hacker or attacker are with the use During the name modification public key of family terminal, due to the signing messages of other users terminal that can not obtain associating with the user terminal, Therefore the application information that the node in peer-to-peer network can not be sent to hacker or attacker be verified, i.e., hacker or attacker without Method changes the public key of the user terminal, so as to improve the security of modification public key.
In summary, the embodiment of the present invention receives the application information of user terminal transmission by node, and application information includes The user name of user terminal, renewal public key, update timestamp, at least one signing messages of public key, signing messages be with The user name of the relevant other users terminal-pair user terminal of family terminal, the public key of renewal, the timestamp for updating public key The information obtained after being signed, the node as hacker or can be attacked according at least one signing messages to this application Information Authentication When the person of hitting is with the name modification public key of the user terminal, due to the other users terminal that can not obtain associating with the user terminal Signing messages, therefore the application information that the node in peer-to-peer network can not be sent to hacker or attacker be verified, i.e. hacker Or attacker can not change the public key of the user terminal, so as to improve the security of modification public key.
In several embodiments provided by the present invention, it should be understood that disclosed apparatus and method, it can be passed through Its mode is realized.For example, device embodiment described above is only schematical, for example, the division of the unit, only Only a kind of division of logic function, there can be other dividing mode when actually realizing, such as multiple units or component can be tied Another system is closed or is desirably integrated into, or some features can be ignored, or do not perform.It is another, it is shown or discussed Mutual coupling or direct-coupling or communication connection can be the INDIRECT COUPLINGs or logical by some interfaces, device or unit Letter connection, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list Member can both be realized in the form of hardware, can also be realized in the form of hardware adds SFU software functional unit.
The above-mentioned integrated unit realized in the form of SFU software functional unit, can be stored in one and computer-readable deposit In storage media.Above-mentioned SFU software functional unit is stored in a storage medium, including some instructions are causing a computer It is each that equipment (can be personal computer, server, or network equipment etc.) or processor (processor) perform the present invention The part steps of embodiment methods described.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (Read- Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disc or CD etc. it is various Can be with the medium of store program codes.
Those skilled in the art can be understood that, for convenience and simplicity of description, only with above-mentioned each functional module Division progress for example, in practical application, can be complete by different functional modules by above-mentioned function distribution as needed Into the internal structure of device being divided into different functional modules, to complete all or part of function described above.On The specific work process of the device of description is stated, the corresponding process in preceding method embodiment is may be referred to, will not be repeated here.
Finally it should be noted that:Various embodiments above is merely illustrative of the technical solution of the present invention, rather than its limitations;To the greatest extent The present invention is described in detail with reference to foregoing embodiments for pipe, it will be understood by those within the art that:Its according to The technical scheme described in foregoing embodiments can so be modified, either which part or all technical characteristic are entered Row equivalent substitution;And these modifications or replacement, the essence of appropriate technical solution is departed from various embodiments of the present invention technology The scope of scheme.

Claims (10)

  1. A kind of 1. public key amending method, it is characterised in that including:
    Node in peer-to-peer network receives the application information that user terminal is sent, and the application information includes the user terminal User name, renewal public key, update public key timestamp, at least one signing messages, at least one signing messages be with The user name of user terminal, the public key of renewal, renewal are public described in the relevant other users terminal-pair of the user terminal The information that the timestamp of key obtains after being signed;
    The node is verified at least one signing messages;
    If the verification passes, then the user name of user terminal described in the nodes records, renewal public key, update time of public key Stamp.
  2. 2. according to the method for claim 1, it is characterised in that the node in the peer-to-peer network receives user terminal and sent Application information before, in addition to:
    The node receives the log-on message that the user terminal is sent, and the log-on message includes the user of the user terminal Name, original public key, the timestamp of original public key, the user name of the other users terminal.
  3. 3. according to the method for claim 2, it is characterised in that the node is tested at least one signing messages Card, including:
    At least one signing messages is decrypted using the public key of the other users terminal for the node, is decrypted Information afterwards.
  4. 4. according to the method for claim 3, it is characterised in that it is described be verified including:
    Information after the decryption is consistent with the timestamp of the user name of the user terminal, the public key of renewal, renewal public key.
  5. 5. according to the method for claim 3, it is characterised in that the node uses the public key pair of the other users terminal At least one signing messages is decrypted, before the information after being decrypted, in addition to:
    The node determines the user name of the other users terminal relevant with the user terminal;
    The node obtains the public key of the other users terminal according to the user name of the other users terminal.
  6. 6. a kind of public key changes device, it is characterised in that including:
    Receiving module, for receiving the application information of user terminal transmission, the application information includes the use of the user terminal Name in an account book, the public key of renewal, timestamp, at least one signing messages of renewal public key, at least one signing messages are and institute State the user name of user terminal described in the relevant other users terminal-pair of user terminal, the public key of renewal, renewal public key Timestamp signed after obtained information;
    Authentication module, for being verified at least one signing messages;
    Logging modle, for the user name for when being verified, recording the user terminal, the public key updated, update public key Timestamp.
  7. 7. public key according to claim 6 changes device, it is characterised in that the receiving module is additionally operable to receive the use The log-on message that family terminal is sent, the log-on message include the user name of the user terminal, original public key, original public key The user name of timestamp, the other users terminal.
  8. 8. public key according to claim 7 changes device, it is characterised in that the authentication module is specifically used for described in use At least one signing messages is decrypted the public key of other users terminal, the information after being decrypted.
  9. 9. public key according to claim 8 changes device, it is characterised in that it is described be verified including:
    Information after the decryption is consistent with the timestamp of the user name of the user terminal, the public key of renewal, renewal public key.
  10. 10. public key according to claim 8 changes device, it is characterised in that also includes:
    Determining module, for determining the user name of the other users terminal relevant with the user terminal;
    Module is obtained, for the user name according to the other users terminal, obtains the public key of the other users terminal.
CN201710313053.2A 2017-05-05 2017-05-05 Public key modification method and device Active CN107425973B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710313053.2A CN107425973B (en) 2017-05-05 2017-05-05 Public key modification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710313053.2A CN107425973B (en) 2017-05-05 2017-05-05 Public key modification method and device

Publications (2)

Publication Number Publication Date
CN107425973A true CN107425973A (en) 2017-12-01
CN107425973B CN107425973B (en) 2020-03-31

Family

ID=60425423

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710313053.2A Active CN107425973B (en) 2017-05-05 2017-05-05 Public key modification method and device

Country Status (1)

Country Link
CN (1) CN107425973B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109271189A (en) * 2018-09-26 2019-01-25 郑州云海信息技术有限公司 A kind of processing method and relevant apparatus of embedded system firmware

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050120106A1 (en) * 2003-12-02 2005-06-02 Nokia, Inc. System and method for distributing software updates to a network appliance
CN102122332A (en) * 2011-02-16 2011-07-13 北京天地融科技有限公司 Method and system for managing password of electronic signing tool
CN102469453A (en) * 2010-11-12 2012-05-23 国民技术股份有限公司 Security certificate method and system
CN104821941A (en) * 2015-04-21 2015-08-05 南京邮电大学 Smart card password authentication and password changing method
CN105530246A (en) * 2015-12-04 2016-04-27 华为技术有限公司 Method, device and system for managing virtual machine

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050120106A1 (en) * 2003-12-02 2005-06-02 Nokia, Inc. System and method for distributing software updates to a network appliance
CN102469453A (en) * 2010-11-12 2012-05-23 国民技术股份有限公司 Security certificate method and system
CN102122332A (en) * 2011-02-16 2011-07-13 北京天地融科技有限公司 Method and system for managing password of electronic signing tool
CN104821941A (en) * 2015-04-21 2015-08-05 南京邮电大学 Smart card password authentication and password changing method
CN105530246A (en) * 2015-12-04 2016-04-27 华为技术有限公司 Method, device and system for managing virtual machine

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109271189A (en) * 2018-09-26 2019-01-25 郑州云海信息技术有限公司 A kind of processing method and relevant apparatus of embedded system firmware

Also Published As

Publication number Publication date
CN107425973B (en) 2020-03-31

Similar Documents

Publication Publication Date Title
Cohn-Gordon et al. On ends-to-ends encryption: Asynchronous group messaging with strong security guarantees
US10122710B2 (en) Binding a data transaction to a person's identity using biometrics
CN111523133B (en) Block chain and cloud data collaborative sharing method
CN112425136B (en) Internet of things security with multiparty computing (MPC)
CN111566990A (en) Secure key agreement with untrusted devices
CN106104562A (en) Safety of secret data stores and recovery system and method
CN109543443A (en) User data management, device, equipment and storage medium based on block chain
CN106130716A (en) Cipher key exchange system based on authentication information and method
CN106941404A (en) Cryptographic key protection method and device
CN109962777A (en) The key in block catenary system is permitted to generate, obtain the method and apparatus of key
Ristić Bulletproof SSL and TLS
CN110289951A (en) A kind of shared content monitoring method based on Threshold key sharing and block chain
CN108768636A (en) A method of restoring private key using multi-party collaboration
JPWO2020165932A1 (en) Information processing equipment, secret calculation method and program
CN112382376A (en) Medical instrument management tracing system based on block chain
Wang et al. Improved group‐oriented proofs of cloud storage in IoT setting
EP3509246B1 (en) Key exchange method and key exchange system
GB2488753A (en) Encrypted communication
Assiri et al. Homomorphic password manager using multiple-hash with PUF
CN107425973A (en) Public key amending method and device
CN114189388A (en) Alliance link key management system and method
Chang A flexible hierarchical access control mechanism enforcing extension policies
Pushpa Enhancing Data Security by Adapting Network Security and Cryptographic Paradigms
CN107172016B (en) Safety trust processing method and device
US11451518B2 (en) Communication device, server device, concealed communication system, methods for the same, and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant