CN108964908A - A kind of method and system of controlled key agreement - Google Patents

A kind of method and system of controlled key agreement Download PDF

Info

Publication number
CN108964908A
CN108964908A CN201810905979.5A CN201810905979A CN108964908A CN 108964908 A CN108964908 A CN 108964908A CN 201810905979 A CN201810905979 A CN 201810905979A CN 108964908 A CN108964908 A CN 108964908A
Authority
CN
China
Prior art keywords
user equipment
key
encryption
encrypted public
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810905979.5A
Other languages
Chinese (zh)
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd filed Critical Feitian Technologies Co Ltd
Priority to CN201810905979.5A priority Critical patent/CN108964908A/en
Publication of CN108964908A publication Critical patent/CN108964908A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The present invention discloses a kind of method and system of controlled key agreement, include: that the first user equipment receives encryption Your Majesty's key, first the first encryption key of user equipment and second user device identification, the first encrypted public key of second user equipment is generated according to second user device identification and encryption Your Majesty's key;Receive the second encrypted public key of second user equipment, judge whether the second encrypted public key of second user equipment meets the first preset condition, it is then, to generate the first random number, first the second encrypted public key of user equipment is generated according to the first random number and the first encrypted public key of second user equipment;First user is according to first the second encrypted public key of user equipment, the second encrypted public key of second user equipment, the first encryption key of user equipment, encryption Your Majesty's key and first the first check value of generating random number and arranging key;The second check value that second user equipment is sent is received, judges whether the first check value is equal to the second check value, is then key agreement success;Otherwise, failure terminates.

Description

A kind of method and system of controlled key agreement
Technical field
The present invention relates to information security field more particularly to a kind of method and system of controlled key agreement.
Technical background
With the development of information technology, information security is increasingly subject to the attention of people, in the prior art, communicating pair communication Communication data in the process can generally be related to significant data, such as transaction amount, user name, password, and these significant data meetings It is stored in Transaction Information, once Transaction Information can bring security risk to the interests of user by illegal interception.
Key agreement is a kind of key establishing techniques, and two or more participants in system provide information jointly, respectively Derive one either party cannot predefine the shared key of result, in particular with increasingly complicated, the letter of communication environment The continuous development of breath technology and the continuous improvement of computing capability, the attack means in communication environment also continue to develop, so that very much All there is different degrees of security risk in cryptographic key negotiation method.
Summary of the invention
In order to solve problem above, according to the present invention, a kind of method of controlled key agreement is provided, comprising:
Step a, the first user equipment receives the encryption Your Majesty key and the first user equipment that key generation device is sent One encryption key;The second user device identification that second user equipment is sent is received, according to second user device identification and is added Close Your Majesty's key generates the first encrypted public key of second user equipment;
Step b, the first user equipment receives the second encrypted public key of second user equipment that second user equipment is sent, judgement Whether the second encrypted public key of second user equipment meets the first preset condition, if so, executing step c;Otherwise, key agreement loses It loses, terminates;
Step c, the first user equipment generates the first random number, is encrypted according to the first random number and second user equipment first Public key generates first the second encrypted public key of user equipment;
Step d, the first user equipment encrypts public affairs according to first the second encrypted public key of user equipment, second user equipment second Key, first the first encryption key of user equipment, encryption Your Majesty's key and first the first check value of generating random number and negotiation are close Key;
Step e, the first user equipment receives the second check value that second user equipment is sent, and whether judges the first check value Equal to the second check value, if so, key agreement success;Otherwise, key agreement fails, and terminates.
A kind of system of controlled key agreement is provided according to the present invention, comprising:
Key generation device, the first user equipment and second user equipment;
Wherein, the first user equipment includes:
First receiving module, for receiving the encryption Your Majesty key and the first user equipment first of key generation device transmission Encryption key;It is also used to receive the second user device identification of second user equipment transmission;
Generation module, the second user device identification and encryption Your Majesty's key for being received according to the first receiving module are raw At the first encrypted public key of second user equipment;
First receiving module is also used to receive the second encrypted public key of second user equipment of second user equipment transmission;
Whether judgment module, the second encrypted public key of second user equipment for judging that the first receiving module receives meet First preset condition;
Generation module is also used to judge that the second encrypted public key of second user equipment meets the first default item when judgment module When part, the first random number is generated, the first user equipment is generated according to the first random number and the first encrypted public key of second user equipment Second encrypted public key;
Generation module be also used to according to first the second encrypted public key of user equipment, the second encrypted public key of second user equipment, First the first encryption key of user equipment, encryption Your Majesty's key and first the first check value of generating random number and arranging key;
First receiving module is also used to receive the second check value of second user equipment transmission;
Judgment module is also used to sentence when the first receiving module receives the second check value of second user equipment transmission Whether disconnected first check value is equal to the second check value.
It ensure that the correctness for the key that negotiation obtains through the invention, and the process for obtaining arranging key more pacified Entirely.
Detailed description of the invention
Fig. 1 according to embodiments of the present invention 1 provides the flow chart of a kind of method of controlled key agreement;
Fig. 2 according to embodiments of the present invention 2 provides the thread figure of a kind of method of controlled key agreement;
Fig. 3 according to embodiments of the present invention 3 provides the thread figure of a kind of method of controlled key agreement;
Fig. 4 according to embodiments of the present invention 4 provides a kind of block diagram of the system of controlled key agreement.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Whole description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment belongs to protection scope of the present invention.
In order to facilitate understanding of embodiments of the present invention, it is further explained explanation below in conjunction with attached drawing, embodiment is simultaneously It does not constitute a limitation of the invention.
Embodiment one
In order to solve problem above, according to embodiments of the present invention one a kind of method of controlled key agreement, such as Fig. 1 are provided It is shown, comprising:
Step 101, the first user equipment receive encryption Your Majesty key and the first user equipment that key generation device is sent First encryption key;Receive the second user device identification that second user equipment is sent, according to second user device identification and It encrypts Your Majesty's key and generates the first encrypted public key of second user equipment;
Step 102, the first user equipment receive the second encrypted public key of second user equipment that second user equipment is sent, and sentence Whether disconnected the second encrypted public key of second user equipment meets the first preset condition, if so, executing step 103;Otherwise, key is assisted Quotient's failure, terminates;
Step 103, the first user equipment generate the first random number, are added according to the first random number and second user equipment first Migong key generates first the second encrypted public key of user equipment;
Step 104, the first user equipment are encrypted according to first the second encrypted public key of user equipment, second user equipment second Public key, first the first encryption key of user equipment, encryption Your Majesty's key and first the first check value of generating random number and negotiation Key;
Step 105, the first user equipment receive the second check value that second user equipment is sent, and judge that the first check value is It is no to be equal to the second check value, if so, key agreement success;Otherwise, key agreement fails, and terminates.
Optionally, step 101 further include:
First user equipment receives the system parameter that key generation device is sent.
Optionally, the first user equipment receives system parameter from key generation device specifically:
First user equipment receives the first parameter, the second parameter and the third parameter that key generation device is sent.
Optionally, a kind of method of controlled key agreement, further includes:
Second user equipment receives system parameter, encryption Your Majesty's key, private key generating function mark from key generation device, and The first encryption key of second user equipment.
Optionally, second user equipment receives the system parameter that key generation device is sent specifically:
Second user equipment receives the first parameter, the second parameter and the third parameter that key generation device is sent.
Optionally, second user equipment the is generated according to second user device identification and encryption Your Majesty's key in step 101 One encrypted public key specifically includes:
First user equipment receives second user device identification, according to second user device identification, private key generating function mark Know, encryption Your Majesty's key and the second parameter generate the first encrypted public key of second user equipment.
Optionally, it is specific to judge whether the second encrypted public key of second user equipment meets the first preset condition in step 102 Are as follows:
Judge whether the second encrypted public key of second user equipment belongs to first circulation group, if it is, second user equipment Second encrypted public key meets the first preset condition, executes step 103;Otherwise, the second encrypted public key of second user equipment is unsatisfactory for First preset condition, key agreement failure, terminates.
Optionally, step 103 specifically includes:
First user equipment generates the first random number as first the second encryption key of user equipment, is set according to the first user Standby second encryption key and the first encrypted public key of second user equipment generate first the second encrypted public key of user equipment, send first The second encrypted public key of user equipment gives second user equipment.
Optionally, step 104 specifically includes:
Step 104-1, the first user equipment is encrypted according to encryption Your Majesty's key, third parameter and the first user equipment second Private key generates the 4th variable;The is generated according to the second encrypted public key of second user equipment and first the first encryption key of user equipment Five variables;The 6th variable is generated according to the 5th variable and first the second encryption key of user equipment;
Step 104-2, the first school is calculated according to the 4th variable, the 5th variable and the 6th variable in the first user equipment Value, third check value and arranging key are tested, arranging key is sent and gives second user equipment.
Embodiment two
According to embodiments of the present invention two provide a kind of method of controlled key agreement, for including key generation device, In the system of first user equipment and second user equipment, as shown in Figure 2, comprising:
Step 201: key generation device, which generates, encrypts main private key, encryption Your Majesty's key and user encryption private key;
Wherein, preset system parameter in key generation device, system parameter include the first parameter, i.e. generation in cyclic group First point P1;Second parameter, i.e. cyclic group G1、G2And GTRank N;Third parameter generates first point P that is, in cyclic group2
Optionally, step 201 further include: key generation device receives the first user identity mark that the first user equipment is sent Know IDA, second user equipment send second user identity IDBAnd private key generating function identifies hid;
Optionally, step 201 specifically includes:
Step 201-1, key generation device, which generates, encrypts main private key ke;
Optionally, key generation device generates random number k e as the main private key of encryption, ke ∈ [1, N-1];
Step 201-2, key generation device is according to the main private key ke and the first parameter P of encryption1It generates and adds by cryptographic calculation Close Your Majesty's key Ppub-e
Step 201-3, key generation device is according to the first user equipment identity IDA, private key generating function mark Hid, the second parameter N and third parameter P2It carries out cryptographic calculation and generates first the first encryption key of user equipment dA;According to second User equipment identity IDB, private key generating function mark hid, that the second parameter N and third parameter P2 carry out cryptographic calculation is raw At the first encryption key of second user equipment dB
Step 202: key generation device sends encryption Your Majesty's key, system parameter and the first user equipment first and encrypts private Key gives the first user equipment;Encryption Your Majesty's key, system parameter and the first encryption key of second user equipment is sent to use to second Family equipment;
Step 203: second user equipment sends second user device identification to the first user equipment;
Step 204: the first user equipment receives second user device identification, raw according to second user device identification, private key The first encrypted public key of second user equipment is generated at function identification, encryption Your Majesty's key and the second parameter, and sends the first user Second user equipment is given in device identification;
Optionally, the first user equipment is according to second user device identification IDB, private key generating function mark hid, encryption master Public key Ppub-eAnd second parameter N generate the first encrypted public key of second user equipment specifically include:
First user equipment is by second user device identification IDBSpliced with private key generating function mark hid As a result the generating function operation of preset key hash is carried out with the second parameter N, then multiplied by the first parameter P1, then with encryption Your Majesty Key Ppub-eAddition obtains the first encrypted public key of second user equipment QEB
Step 205: second user equipment receives the first customer equipment identification, raw according to the first customer equipment identification, private key First the first encrypted public key of user equipment is generated at function identification, encryption Your Majesty's key and the second parameter;
Optionally, second user equipment is according to the first customer equipment identification IDA, private key generating function mark hid, encryption master Public key Ppub-eAnd second parameter N generate first the first encrypted public key of user equipment QEAIt specifically includes:
Second user equipment is by the first customer equipment identification IDASpliced with private key generating function mark hid As a result the generating function operation of preset key hash is carried out with the second parameter N, then multiplied by the first parameter P1, then with encryption Your Majesty Key Ppub-eAddition obtains the first user equipment encrypted public key QEA
Step 206: second user equipment generates the second random number as the second encryption key of second user equipment, according to the Two the second encryption key of user equipment and first the first encrypted public key of user equipment generate the second encrypted public key of second user equipment, And the second encrypted public key of second user equipment is sent to the first user equipment;
Wherein, the value range of the second random number is [1, N-1].
Step 207: the first user equipment receives the second encrypted public key of second user equipment, judges second user equipment second Whether encrypted public key meets the first preset condition, if so, executing step 208;Otherwise, key agreement fails, and terminates;
Optionally, step 207 specifically: the first user equipment receives the second encrypted public key of second user equipment RB, judgement The second encrypted public key of second user equipment RBWhether first circulation group G1 is belonged to, if so, executing step 208;Otherwise, key is assisted Quotient's failure, terminates;
Step 208: the first user equipment generates the first random number as first the second encryption key of user equipment rA, according to First the second encryption key of user equipment and the first encrypted public key of second user equipment generate the first user equipment second and encrypt public affairs Key, and send first the second encrypted public key of user equipment and give second user equipment;
Step 209: second user equipment receives first the second encrypted public key of user equipment, judges the first user equipment second Whether encrypted public key meets the second preset condition, if so, executing step 210;Otherwise, key agreement fails, and terminates;
Optionally, step 209 specifically: second user equipment judges first the second encrypted public key of user equipment RAWhether belong to In first circulation group G1, if so, executing step 210;Otherwise, key agreement fails, and terminates;
Step 210: second user equipment adds according to first the second encrypted public key of user equipment and second user equipment first Close private key generates the first variable;The is generated according to encryption Your Majesty's key, third parameter and the second encryption key of second user equipment Two variables;Third variable is generated according to the first variable and the second encryption key of second user equipment;
Optionally, first the second encrypted public key of user equipment RA, with the first encryption key of second user equipment dBPass through two-wire Property obtains the first variable g1 to operation;Encrypt Your Majesty's key Ppub-e, with third parameter P2It is obtained by Bilinear map operation as a result, right Obtained result calculates RBPower obtains the second variable g2;R is calculated to the first variable g1BPower obtains third variable g3;
Wherein, RBFor the second encryption key of second user equipment;
Step 211: the second verification is calculated according to the first variable, the second variable and third variable in second user equipment Value, the 4th check value and the first arranging key;
Optionally, second user equipment is by the second variable g2, third variable g3, the first user identifier IDA, second user mark Know IDB, first user the second encrypted public key Ra and the second encrypted public key of second user Rb spliced to obtain the first splicing knot Fruit carries out Hash operation to the first splicing result and obtains the first Hash result, the first Hash result, the first variable and the first mark Knowledge is spliced to obtain the 4th check value S2;
Second user equipment is by the second variable g2, third variable g3, the first user identifier IDA, second user identify IDB, One user the second encrypted public key Ra and the second encrypted public key of second user Rb are spliced to obtain the first splicing result, to first Splicing result carries out Hash operation and obtains the first Hash result, and the first Hash result, the first variable and second identifier are spelled It connects to obtain the second check value Sb;
Second user equipment splices the first customer equipment identification IDA, second user device identification IDB, the first user second plus Migong key Ra and the second encrypted public key of second user Rb, the first variable g1, the second variable g2 and third variable g3 obtain Two splicing results generate the first arranging key SKb by cipher key derivation function according to the second splicing result and key length.
Step 212: the first user equipment encrypts private according to encryption Your Majesty's key, third parameter and the first user equipment second Key generates the 4th variable;The 5th is generated according to the second encrypted public key of second user and first the first encryption key of user equipment to become Amount;The 6th variable is generated according to the 5th variable and first the second encryption key of user equipment;
Specifically, the first user equipment is according to encryption Your Majesty's key Ppub-eIt is obtained with third parameter P2 by Bilinear map operation Result carry out RAPower generates the 4th variable g1 ';Second user equipment the second encrypted public key Rb and the first user equipment first Encryption key Da obtains the 5th variable g2 ' by Bilinear map operation;R is calculated to the 5th variable g2 'APower obtains the 6th variable g3';
RAFor the first user equipment ephemeral encryption private key.
Step 213: the first verification is calculated according to the 4th variable, the 5th variable and the 6th variable in the first user equipment Value, third check value and the second arranging key, and send third check value and give second user equipment;
Such as: the first user equipment is calculated according to the 4th variable g1 ', the 5th variable g2 ' and the 6th variable g3 ' One check value S1, third check value Sa and arranging key SKa, and send third check value Sa and give second user equipment;
Step 214: second user equipment receives third check value, and judges whether third check value is equal to the 4th verification Value sends the second check value to first if so, being sent to the key confirmation success of second user equipment from the first user equipment User equipment executes step 215;Otherwise, key agreement fails, and terminates;
Step 215: the first user equipment judges whether the second check value is equal to the first check value, if so, using from second Family equipment is sent to the key confirmation success of the first user equipment;Otherwise, key agreement fails, and terminates.
Method in through the embodiment of the present invention, ensure that the correctness for the key that negotiation obtains, and to be negotiated The process of key is safer.
Embodiment three
According to embodiments of the present invention three provide a kind of method of controlled key agreement, for include the first user equipment and In the system of second user equipment, as shown in Figure 3, comprising:
Step 301: second user equipment sends second user device identification to the first user equipment;
Optionally, it is prefixed system parameter, encryption Your Majesty's key, private key respectively in the first user equipment and second user equipment Generating function mark;Also preset the first encryption key of first user equipment and the first customer equipment identification in first user equipment; Preset the first encryption key of second user equipment and second user mark in second user equipment;
Optionally, the first user equipment and second user equipment can also receive system ginseng from key generation device respectively Number, encryption Your Majesty's key and the first encryption key of user equipment;Optionally, system parameter includes: the first parameter, i.e., in cyclic group Generation member point P1;Second parameter, i.e. cyclic group G1、G2And GTRank N;Third parameter generates first point P2 that is, in cyclic group.
Step 302: the first user equipment receives second user device identification, raw according to second user device identification, private key The first encrypted public key of second user equipment is generated at function identification, encryption Your Majesty's key and the second parameter, and sends the first user Second user equipment is given in device identification;
Optionally, the first user equipment according to second user device identification, private key generating function mark, encryption Your Majesty's key with And second parameter generate the first encrypted public key of second user equipment specifically include:
First user equipment by second user device identification and the private key generating function result spliced of mark and Second parameter carries out the generating function operation of preset key hash, then multiplied by the first parameter, is then added with encryption Your Majesty's key To the first encrypted public key of second user equipment.
Step 303: second user equipment receives the first customer equipment identification, raw according to the first customer equipment identification, private key First the first encrypted public key of user equipment is generated at function identification, encryption Your Majesty's key and the second parameter;
Optionally, second user equipment according to the first customer equipment identification, private key generating function mark, encryption Your Majesty's key with And second parameter generate first the first encrypted public key of user equipment specifically include:
Second user equipment by the first customer equipment identification and the private key generating function result spliced of mark and Second parameter carries out the generating function operation of preset key hash, then multiplied by the first parameter, is then added with encryption Your Majesty's key To first the first encrypted public key of user equipment.
Step 304: second user equipment generates the second random number as the second encryption key of second user equipment, according to the Two the second encryption key of user equipment and first the first encrypted public key of user equipment generate the second encrypted public key of second user equipment, And the second encrypted public key of second user equipment is sent to the first user equipment;
Wherein, the value range of random number is [1, N-1].
Step 305: the first user equipment receives the second encrypted public key of second user equipment, judges second user equipment second Whether encrypted public key meets the first preset condition, if so, executing step 306;Otherwise, key agreement fails, and terminates;
Optionally, step 305 specifically: the first user equipment receives the second encrypted public key of second user equipment, judges the Whether two the second encrypted public keys of user equipment belong to first circulation group G1, if so, executing step 308;Otherwise, key agreement loses It loses, terminates;
Step 306: the first user equipment generates the first random number as first the second encryption key of user equipment, according to the One the second encryption key of user equipment and the first encrypted public key of second user equipment generate first the second encrypted public key of user equipment, And it sends first the second encrypted public key of user equipment and gives second user equipment;
Step 307: second user equipment receives first the second encrypted public key of user equipment, judges the first user equipment second Whether encrypted public key meets the second preset condition, if so, executing step 308;Otherwise, key agreement fails, and terminates;
Optionally, step 307 specifically: second user equipment judges whether first the second encrypted public key of user equipment belongs to First circulation group G1, if so, executing step 308;Otherwise, key agreement fails, and terminates;
Step 308: second user equipment adds according to first the second encrypted public key of user equipment and second user equipment first Close private key generates the first variable;The is generated according to encryption Your Majesty's key, third parameter and the second encryption key of second user equipment Two variables;Third variable is generated according to the first variable and the second encryption key of second user equipment;
Optionally, first user equipment the second encrypted public key Ra passes through double with second user equipment the first encryption key Db The first variable g1 linearly is obtained to operation;Encrypt Your Majesty's key Ppub, obtained with third parameter P2 by Bilinear map operation as a result, Rb power is calculated to obtained result, obtains the second variable g2;Rb power is calculated to the first variable g1, obtains third variable g3;
Rb is the second encrypted public key of second user equipment.
Step 309: the second verification is calculated according to the first variable, the second variable and third variable in second user equipment Value, the 4th check value and the first arranging key;
Optionally, second user equipment by the second variable, third variable, the first user identifier, second user mark, first The second encrypted public key of user equipment and the second encrypted public key of second user equipment are spliced to obtain the first splicing result, to One splicing result carries out Hash operation and obtains the first Hash result, and the first Hash result, the first variable and first identifier carry out Splicing obtains the 4th check value S2;
Second user equipment sets the second variable, third variable, the first user identifier, second user mark, the first user Standby second encrypted public key and the second encrypted public key of second user equipment are spliced to obtain the first splicing result, are spliced to first As a result it carries out Hash operation and obtains the first Hash result, the first Hash result, the first variable and second identifier splice To the second check value Sb;
The first customer equipment identification of second user equipment splicing, second user device identification, the first user equipment second add The second encrypted public key of Migong key and second user equipment, the first variable, the second variable and third variable obtain the second splicing As a result, generating the first arranging key SKb by cipher key derivation function according to the second splicing result and key length.
Step 310: the first user equipment encrypts private according to encryption Your Majesty's key, third parameter and the first user equipment second Key generates the 4th variable;The 5th is generated according to the second encrypted public key of second user equipment and first the first encryption key of user equipment Variable;The 6th variable is generated according to the 5th variable and first the second encryption key of user equipment.
Step 311: the first verification is calculated according to the 4th variable, the 5th variable and the 6th variable in the first user equipment Value, third check value and the second arranging key, and send third check value and give second user equipment;
Such as: the first check value is calculated according to the 4th variable, the 5th variable and the 6th variable in the first user equipment S1, third check value Sa and arranging key SKa, and send third check value Sa and give second user equipment;
Step 312: second user equipment receives third check value, and judges whether third check value is equal to the 4th verification Value sends the second check value to first if so, being sent to the key confirmation success of second user equipment from the first user equipment User equipment executes step 115;Otherwise, key agreement fails, and terminates;
Step 313: the first user equipment judges whether the second check value is equal to the first check value, if so, using from second Family equipment is sent to the key confirmation success of the first user equipment;Otherwise, key agreement fails, and terminates.
Method in through the embodiment of the present invention, ensure that the correctness for the key that negotiation obtains, and to be negotiated The process of key is safer.
Example IV
According to embodiments of the present invention four provide a kind of system of controlled key agreement, as shown in Figure 4, comprising:
Key generation device, the first user equipment and second user equipment;
Wherein, the first user equipment includes:
First receiving module, for receiving the encryption Your Majesty key and the first user equipment first of key generation device transmission Encryption key;It is also used to receive the second user device identification of second user equipment transmission;
Generation module, the second user device identification and encryption Your Majesty's key for being received according to the first receiving module are raw At the first encrypted public key of second user equipment;
First receiving module is also used to receive the second encrypted public key of second user equipment of second user equipment transmission;
Whether judgment module, the second encrypted public key of second user equipment for judging that the first receiving module receives meet First preset condition;
Generation module is also used to judge that the second encrypted public key of second user equipment meets the first default item when judgment module When part, the first random number is generated, the first user equipment is generated according to the first random number and the first encrypted public key of second user equipment Second encrypted public key;
Generation module be also used to according to first the second encrypted public key of user equipment, the second encrypted public key of second user equipment, First the first encryption key of user equipment, encryption Your Majesty's key and first the first check value of generating random number and arranging key;
First receiving module is also used to receive the second check value of second user equipment transmission;
Judgment module is also used to sentence when the first receiving module receives the second check value of second user equipment transmission Whether disconnected first check value is equal to the second check value.
Optionally, the first receiving module is also used to receive the system parameter of key generation device transmission.
Optionally, the first receiving module be specifically used for receive key generation device send the first parameter, the second parameter with And third parameter.
Optionally, second user equipment includes:
Second receiving module, for receiving system parameter, encryption Your Majesty's key, private key generating function mark from key generation device Knowledge and the first encryption key of second user equipment.
Optionally, the second receiving module is specifically used for receiving the first parameter, the second parameter, that key generation device is sent Three parameters, the main private key of encryption, private key generating function mark and the first encryption key of second user equipment.
Optionally, generation module specifically includes:
Receiving submodule, for receiving second user device identification;
Generate submodule, second user device identification, private key generating function mark for receiving according to receiving submodule Know, encryption Your Majesty's key and the second parameter generate the first encrypted public key of second user equipment.
Optionally, the second user equipment second that judgment module is specifically used for judging that the first receiving module receives encrypts public affairs Whether key belongs to first circulation group.
Optionally, generation module specifically includes:
First generates submodule, for generating the first random number as first the second encryption key of user equipment;
Second generates submodule, for being encrypted according to first the second encryption key of user equipment and second user equipment first Public key generates first the second encrypted public key of user equipment;
Sending submodule, for sending first the second encrypted public key of user equipment of the second generation submodule generation to second User equipment.
Optionally, generation module further include:
Third generates submodule, for encrypting private according to encryption Your Majesty's key, third parameter and the first user equipment second Key generates the 4th variable;
4th generates submodule, for being encrypted according to the second encrypted public key of second user equipment and the first user equipment first Private key generates the 5th variable;
5th generates submodule, becomes for generating the 6th according to the 5th variable and first the second encryption key of user equipment Amount;
6th generates submodule, generates the first verification for calculating according to the 4th variable, the 5th variable and the 6th variable Value, third check value and arranging key;
Second sending submodule gives second user equipment for sending the arranging key that the 6th generation submodule generates.
Through the invention, it ensure that the correctness for the key that negotiation obtains, and make the process of acquisition arranging key more Safety.

Claims (18)

1. a kind of method of controlled key agreement characterized by comprising
Step a, the first user equipment receives the encryption Your Majesty key of key generation device transmission and the first user equipment first adds Close private key;The second user device identification that second user equipment is sent is received, according to the second user device identification and institute It states encryption Your Majesty's key and generates the first encrypted public key of second user equipment;
Step b, described first user equipment receives the second encrypted public key of second user equipment that the second user equipment is sent, Judge whether second encrypted public key of second user equipment meets the first preset condition, if so, executing step c;Otherwise, close Key negotiates failure, terminates;
Step c, described first user equipment generates the first random number, according to first random number and the second user equipment First encrypted public key generates first the second encrypted public key of user equipment;
Step d, described first user equipment is according to second encrypted public key of the first user equipment, the second user equipment Two encrypted public keys, first encryption key of the first user equipment, the encryption Your Majesty key and first generating random number First check value and arranging key;
Step e, described first user equipment receives the second check value that the second user equipment is sent, and judges first school Test whether value is equal to second check value, if so, key agreement success;Otherwise, key agreement fails, and terminates.
2. the method as described in claim 1, which is characterized in that the step a further include:
First user equipment receives the system parameter that the key generation device is sent.
3. method according to claim 2, which is characterized in that first user equipment receives the key generation device hair The system parameter sent specifically:
First user equipment receives the first parameter, the second parameter and the third parameter that the key generation device is sent.
4. the method as described in claim 1, which is characterized in that further include:
The second user equipment receives system parameter, encryption Your Majesty's key, private key generating function mark from key generation device, and The first encryption key of second user equipment.
5. method as claimed in claim 4, which is characterized in that the second user equipment receives system from key generation device Parameter specifically:
The second user equipment receives the first parameter, the second parameter and the third parameter that the key generation device is sent.
6. method as claimed in claim 3, which is characterized in that in the step a according to the second user device identification with And encryption Your Majesty's key generates the first encrypted public key of second user equipment and specifically includes:
First user equipment receives the second user device identification, generates letter according to the second user device identification, private key Number mark, the encryption Your Majesty key and the second parameter generate first encrypted public key of second user equipment.
7. the method as described in claim 1, which is characterized in that judge the second user equipment described in the step b Whether two encrypted public keys meet the first preset condition specifically:
Judge whether second encrypted public key of second user equipment belongs to first circulation group, if it is, the second user The second encrypted public key of equipment meets the first preset condition, executes step c;Otherwise, second encrypted public key of second user equipment It is unsatisfactory for the first preset condition, key agreement failure terminates.
8. the method as described in claim 1, which is characterized in that the step c is specifically included:
First user equipment generates first random number as first the second encryption key of user equipment, according to described the One the second encryption key of user equipment and first encrypted public key of second user equipment generate first user equipment second Encrypted public key sends second encrypted public key of the first user equipment to the second user equipment.
9. method as claimed in claim 3, which is characterized in that the step d is specifically included:
Step d-1, described first user equipment is set according to the encryption Your Majesty key, the third parameter and first user Standby second encryption key generates the 4th variable;According to second encrypted public key of second user equipment and first user equipment First encryption key generates the 5th variable;The is generated according to the 5th variable and second encryption key of the first user equipment Six variables;
Step d-2, described first user equipment is calculated according to the 4th variable, the 5th variable and the 6th variable First check value, third check value and the arranging key are obtained, sends the arranging key to the second user Equipment.
10. a kind of system of controlled key agreement characterized by comprising
Key generation device, the first user equipment and second user equipment;
Wherein, first user equipment includes:
First receiving module, for receiving encryption Your Majesty key and the encryption of the first user equipment first of key generation device transmission Private key;It is also used to receive the second user device identification of second user equipment transmission;
Generation module, the second user device identification and the encryption for being received according to first receiving module Your Majesty's key generates the first encrypted public key of second user equipment;
First receiving module is also used to receive the second encrypted public key of second user equipment that the second user equipment is sent;
Judgment module, for judging whether is second encrypted public key of second user equipment that first receiving module receives Meet the first preset condition;
The generation module is also used to judge that second encrypted public key of second user equipment meets institute when the judgment module When stating the first preset condition, the first random number is generated, is encrypted according to first random number and the second user equipment first Public key generates first the second encrypted public key of user equipment;
The generation module is also used to be added according to second encrypted public key of the first user equipment, the second user equipment second Migong key, first encryption key of the first user equipment, the encryption Your Majesty key and first generating random number first Check value and arranging key;
First receiving module is also used to receive the second check value that the second user equipment is sent;
The judgment module is also used to receive described second that the second user equipment is sent when first receiving module When check value, judge whether first check value is equal to second check value.
11. system as claimed in claim 10, which is characterized in that it is raw that first receiving module is also used to receive the key The system parameter that forming apparatus is sent.
12. equipment as claimed in claim 11, which is characterized in that first receiving module is specifically used for receiving the key The first parameter, the second parameter and the third parameter that generating device is sent.
13. system as claimed in claim 10, which is characterized in that the second user equipment includes:
Second receiving module, for receiving system parameter, encryption Your Majesty's key, private key generating function mark from the key generation device Knowledge and the first encryption key of second user equipment.
14. the system as described in right 13, which is characterized in that second receiving module is specifically used for receiving the key generation The first parameter, the second parameter, third parameter, the main private key of the encryption, private key generating function mark and the institute that equipment is sent State the first encryption key of second user equipment.
15. system as claimed in claim 12, which is characterized in that the generation module includes:
Receiving submodule, for receiving the second user device identification;
Submodule is generated, the second user device identification, private key for receiving according to the receiving submodule generate letter Number mark, the encryption Your Majesty key and the second parameter generate first encrypted public key of second user equipment.
16. system as claimed in claim 10, which is characterized in that the judgment module is specifically used for judging that described first receives Whether second encrypted public key of second user equipment that module receives belongs to first circulation group.
17. system as claimed in claim 10, which is characterized in that the generation module includes:
First generates submodule, for generating first random number as first the second encryption key of user equipment;
Second generates submodule, for according to second encryption key of the first user equipment and the second user equipment first Encrypted public key generates second encrypted public key of the first user equipment;
Sending submodule, for send it is described second generate submodule generate second encrypted public key of the first user equipment to The second user equipment.
18. system as claimed in claim 12, which is characterized in that the generation module further include:
Third generates submodule, for according to the encryption Your Majesty key, the third parameter and first user equipment the Two encryption key generate the 4th variable;
4th generates submodule, for according to second encrypted public key of second user equipment and first user equipment first Encryption key generates the 5th variable;
5th generates submodule, for generating the 6th according to the 5th variable and second encryption key of the first user equipment Variable;
6th generates submodule, generates for being calculated according to the 4th variable, the 5th variable and the 6th variable First check value, third check value and the arranging key;
Second sending submodule generates the arranging key of submodule generation to the second user for sending the described 6th Equipment.
CN201810905979.5A 2018-08-10 2018-08-10 A kind of method and system of controlled key agreement Pending CN108964908A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810905979.5A CN108964908A (en) 2018-08-10 2018-08-10 A kind of method and system of controlled key agreement

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810905979.5A CN108964908A (en) 2018-08-10 2018-08-10 A kind of method and system of controlled key agreement

Publications (1)

Publication Number Publication Date
CN108964908A true CN108964908A (en) 2018-12-07

Family

ID=64468642

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810905979.5A Pending CN108964908A (en) 2018-08-10 2018-08-10 A kind of method and system of controlled key agreement

Country Status (1)

Country Link
CN (1) CN108964908A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109617916A (en) * 2019-01-16 2019-04-12 北京云中融信网络科技有限公司 Code key processing method and instant communicating system
CN110896348A (en) * 2019-11-26 2020-03-20 飞天诚信科技股份有限公司 Method and system for key agreement
CN111934858A (en) * 2020-07-09 2020-11-13 中国电子科技集团公司第三十研究所 Supervised random public key derivation method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3109815A1 (en) * 2015-06-26 2016-12-28 Seiko Epson Corporation Network system, control method of a network system and control device
CN107592281A (en) * 2016-07-06 2018-01-16 华为技术有限公司 A kind of protection system, method and device for transmitting data

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3109815A1 (en) * 2015-06-26 2016-12-28 Seiko Epson Corporation Network system, control method of a network system and control device
CN107592281A (en) * 2016-07-06 2018-01-16 华为技术有限公司 A kind of protection system, method and device for transmitting data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
袁峰等: "SM9标识密码算法综述", 《信息安全研究》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109617916A (en) * 2019-01-16 2019-04-12 北京云中融信网络科技有限公司 Code key processing method and instant communicating system
CN110896348A (en) * 2019-11-26 2020-03-20 飞天诚信科技股份有限公司 Method and system for key agreement
CN110896348B (en) * 2019-11-26 2022-04-01 飞天诚信科技股份有限公司 Method and system for key agreement
CN111934858A (en) * 2020-07-09 2020-11-13 中国电子科技集团公司第三十研究所 Supervised random public key derivation method
CN111934858B (en) * 2020-07-09 2022-03-18 中国电子科技集团公司第三十研究所 Supervised random public key derivation method

Similar Documents

Publication Publication Date Title
CN106961336B (en) A kind of key components trustship method and system based on SM2 algorithm
US20220191021A1 (en) Blockchain-implemented method and system
CN103338215B (en) The method setting up TLS passage based on the close algorithm of state
CN103118027B (en) The method of TLS passage is set up based on the close algorithm of state
CN110011802A (en) A kind of two side of efficient SM9 cooperates with the method and system of generation digital signature
CN108111301A (en) The method and its system for realizing SSH agreements are exchanged based on rear quantum key
CN109462472A (en) The methods, devices and systems of data encryption and decryption
CN105307165B (en) Communication means, server-side and client based on mobile application
CN107948189A (en) Asymmetric cryptography authentication identifying method, device, computer equipment and storage medium
Azrour et al. New efficient and secured authentication protocol for remote healthcare systems in cloud-iot
CN105119894B (en) Communication system and communication means based on hardware security module
CN110519046A (en) Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD
CN106850566A (en) A kind of method and device of consistency verification of data
CN108964908A (en) A kind of method and system of controlled key agreement
CN107809311A (en) The method and system that a kind of unsymmetrical key based on mark is signed and issued
CN104935553A (en) Unified identity authentication platform and authentication method
CN106059764B (en) Based on the password and fingerprint tripartite's authentication method for terminating key derivation functions
CN110535626A (en) The quantum communications service station secret communication method and system of identity-based
CN107172043A (en) A kind of smart power grid user sale of electricity method based on homomorphic cryptography
CN108173648A (en) Security processing method, equipment and storage medium based on private key escrow
CN110380859A (en) Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system
CN109309566A (en) A kind of authentication method, device, system, equipment and storage medium
CN106230840B (en) A kind of command identifying method of high security
CN112765667B (en) Privacy protection method, device and system based on block chain
Elemam et al. Formal verification for a PMQTT protocol

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181207