CN110752924A - Key safety management method based on safety multi-party calculation - Google Patents

Publication number
CN110752924A
Authority
CN
China
Prior art keywords
algorithm
calculation
node
key
task
Legal status
Granted
Application number
CN201911042944.4A
Other languages
Chinese (zh)
Other versions
CN110752924B (en)
Inventor
肖龙辉
常清雪
何斌
Current Assignee
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Application filed by Sichuan Changhong Electric Co Ltd
Priority to CN201911042944.4A
Publication of CN110752924A
Application granted
Publication of CN110752924B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Confidential data exchange wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for authentication of entities
    • H04L63/0876 Authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science
  • Computer Security & Cryptography
  • Computer Networks & Wireless Communication
  • Signal Processing
  • Computer Hardware Design
  • Computing Systems
  • General Engineering & Computer Science
  • Power Engineering
  • Storage Device Security

Abstract

The invention relates to the field of information security and discloses a key management method based on secure multi-party computation, which solves the problem that traditional key management schemes cannot offer both usability and security. The master key in the invention is obtained from a multi-party computing system, and the master key controls the conversion between the plaintext and ciphertext states of the key required by the encryption algorithm. When the user has no encryption service, the master key is in an unknown state and the service key is in the ciphertext state; when an encryption service exists, a master key calculation factor is obtained through the multi-party computing system, and the key factor is fed into a key generation algorithm to obtain the master key.

Description

Key safety management method based on safety multi-party calculation
Technical Field
The invention relates to the field of information security, in particular to a key management method based on secure multi-party computation.
Background
The common effective means of key cracking are side channel attacks and code decompilation. A side channel attack targets an encryption device through the side channel information it leaks while operating, such as timing, power consumption or electromagnetic radiation; it is far more effective than mathematical cryptanalysis and is particularly applicable to single-function devices such as trusted hardware and TEEs. Code decompilation is the "reverse analysis and research" of another party's target program (such as an executable) to deduce design elements such as the ideas, principles, structure, algorithms, processing flow and operating methods used by that software product; under certain conditions the source code can be recovered. If keys are managed in software, the parameters and the processing flow that form the key are all implemented in the program, and decompilation can extract the key from the target program with high probability.
Conventional key management schemes store the key locally at the user, and the protection measures for the key include: (1) storing the key on trusted hardware; (2) managing the key in software and protecting it through techniques such as code obfuscation and fragmented key storage; (3) storing it in a Trusted Execution Environment (TEE), namely deploying a trusted execution environment that runs the encryption algorithm and stores the key on Intel SGX or ARM TrustZone, so that encryption is isolated from the service.
These key management technologies have the following defects:
(1) trusted hardware has high security but lacks scalability and flexibility, cannot be deployed automatically, is not resistant to side channel attacks and is difficult to upgrade;
(2) software key management is easy to extend, convenient to upgrade and scalable, but the key is easily decompiled and extracted, so its security is low;
(3) the trusted execution environment runs locally in parallel with the service environment and data can be transmitted between them; it is vulnerable to software side channel attacks, is limited by the hardware, and can only be implemented on chips of specified models.
Therefore, conventional key management schemes cannot achieve both ease of use and security.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: a key management method based on secure multi-party computation is provided, solving the problem that traditional key management schemes cannot offer both usability and security.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a key management method based on secure multiparty computation comprises the following steps:
step one, a safe multi-party computing system consisting of a plurality of safe multi-party computing nodes is deployed;
step two, the key management party generates a batch of calculation functions, compiles them into machine language, and submits an algorithm addition request to any node in the multi-party computing system;
step three, the node receiving the algorithm addition request assigns algorithm numbers to the newly added algorithms and returns them to the key management party, while also distributing the newly added algorithms; each node records the distribution information;
step four, the key management party stores the algorithm number returned by the multi-party computing system, and randomly generates and stores a group of algorithm number-parameter sequences;
step five, the key management party takes the generated algorithm number-parameter sequence as a calculation task, randomly generates and stores a group of asymmetric algorithm public and private key pairs, and initiates a calculation request to any node of the multi-party calculation system;
step six, decomposing the calculation task into a plurality of independent calculation tasks by the calculation request response node, matching a proper task execution node and a proper backup execution node for each independent calculation task, and then distributing each independent calculation task to a corresponding task execution node;
step seven, after receiving the task, the task execution node calls a corresponding algorithm to execute the calculation task, encrypts a calculation result by using a public key of a key management party and feeds the calculation result back to the calculation request response node;
step eight, the calculation request response node collects calculation results of each execution node, and after the collection is completed, the calculation results are packaged and fed back to the key management party;
step nine, the key management party decrypts the calculation result returned by the multi-party computing system and uses it as a key factor; a key is generated from the key factor by a key generation algorithm, and this key is used as the master key to encrypt the shared initial key of the service system, yielding a ciphertext shared initial key corresponding to the service system, which is stored;
step ten, the key management party packages the encryption algorithm, the multi-party key generation process, the ciphertext shared initial key, the multi-party computing node information, the key management interface, the algorithm number-parameter list and the data encryption and decryption interface into an SDK package according to service requirements and submits the SDK package to the service system;
step eleven, the service system embeds the SDK package into an application program, and when a specific service is carried out, it calls the SDK package's encryption and decryption interface to encrypt and decrypt service data;
step twelve, when the key is updated, the service system calls the SDK package's key management interface according to the key update information provided by the key management party, and the stored key information is changed accordingly.
As a further optimization, in step one, the plurality of secure multi-party computing nodes may be deployed in a cloud server, an extranet server, and an intranet server at the same time.
As a further optimization, in step one, each secure multi-party computing node has a consistent architecture comprising: a calculation request processing module, a calculation task processing module and an algorithm change processing module;
the computing request processing module is used for verifying a computing request initiated by a user, decomposing a computing task submitted by the user, managing multi-party computing node information of the system, matching the computing task, distributing the computing task, collecting a computing result, verifying the computing result and packaging the computing result to return to the user;
the computing task processing module is used for verifying the received computing task, analyzing the computing task, selecting an algorithm to be called according to an algorithm number in the computing task, bringing a parameter of the task into the algorithm operation to obtain a computing result, encrypting the computing result by using a user public key, and packaging the identity information, the task content, the task number and the message verification data of the node and then returning the data to the task initiating node;
the algorithm change processing module is used for performing identity authentication on an algorithm change requester, performing identity broadcast on the requester, voting on the authority of the requester and performing decision and execution on algorithm change.
As a further optimization, in step five, the request content of the calculation request includes the generated public key, the algorithm number-parameter sequence, the user identity information, and the information integrity check parameter.
As a further optimization, in step eight, if the computation request response node does not receive the task computation result fed back by a task execution node in a specified time, the corresponding backup execution node is enabled to re-execute the computation task.
As a further optimization, each secure multi-party computing node stores a list of users with algorithm change authority. A node that receives an algorithm change request serves as the algorithm change request response node and broadcasts the request to all nodes; each node judges from its user list whether the user has algorithm change authority and returns its judgment to the response node. The response node accepts the request if positive results are received from more than 2/3 of the total number of nodes, and notifies the corresponding nodes to execute the algorithm change operation: when the request is an algorithm addition, the response node assigns a number meeting the numbering rules to the algorithm to be added, randomly distributes the algorithm number and algorithm content to two or more nodes, and broadcasts the distribution; when the request is an algorithm deletion, the nodes storing the algorithm delete it; when the request is an algorithm replacement, the nodes storing the algorithm perform the replacement.
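As an added illustration (not code from the patent), the following Python simulates the algorithm change procedure just described: every node votes from its own authorised-user list, the response node accepts only when positive votes exceed 2/3 of all nodes, an added algorithm is numbered and placed on two randomly chosen nodes with the distribution broadcast to every node, and a separate check implements the MPC manager's audit that a request's algorithm files are each held by at least two nodes and never all by one node. The numbering rule ('A' plus four digits) and all class and function names are assumptions.

```python
import random

QUORUM = (2, 3)   # a request is accepted only if positive votes exceed 2/3 of all nodes


class McpNode:
    """One secure multi-party computing node with its own copy of the authorised-user list."""

    def __init__(self, name, authorised_users):
        self.name = name
        self.authorised = set(authorised_users)   # user list with algorithm change authority
        self.algorithms = {}                      # algorithm number -> algorithm file (bytes)
        self.distribution_log = []                # broadcast records: (algorithm number, holders)

    def judge(self, user):
        """Each node judges the requester against its own list and returns its vote."""
        return user in self.authorised


def next_algorithm_number(nodes):
    """Assign the next unused number under a constructed rule: 'A' followed by four digits."""
    used = {no for n in nodes for no, _ in n.distribution_log}
    candidate = 1000
    while f"A{candidate}" in used:
        candidate += 1
    return f"A{candidate}"


def handle_algorithm_change(nodes, user, operation, content=None, alg_no=None, rng=None):
    """Response-node logic: broadcast the request, count the votes, then add, delete or
    replace the algorithm on the holder nodes. Returns the algorithm number, or None if refused."""
    rng = rng or random.Random()
    positive = sum(1 for n in nodes if n.judge(user))          # one vote returned per node
    if positive * QUORUM[1] <= QUORUM[0] * len(nodes):         # not strictly more than 2/3
        return None
    if operation == "add":
        alg_no = next_algorithm_number(nodes)
        holders = rng.sample(nodes, 2)                         # randomly chosen, at least two
        for h in holders:
            h.algorithms[alg_no] = content
        record = (alg_no, tuple(sorted(h.name for h in holders)))
        for n in nodes:                                        # the distribution is broadcast
            n.distribution_log.append(record)
        return alg_no
    holders = [n for n in nodes if alg_no in n.algorithms]
    if not holders:
        return None
    for h in holders:
        if operation == "delete":
            del h.algorithms[alg_no]
        elif operation == "replace":
            h.algorithms[alg_no] = content
        else:
            raise ValueError(f"unknown operation {operation!r}")
    return alg_no


def distribution_is_compliant(nodes, request_algorithms):
    """MPC manager's log check for one calculation request: each of its algorithm files is
    stored on at least two nodes, and no single node stores all of them."""
    on_two = all(sum(1 for n in nodes if no in n.algorithms) >= 2 for no in request_algorithms)
    no_full_node = all(not set(request_algorithms) <= set(n.algorithms) for n in nodes)
    return on_two and no_full_node
```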
As a further optimization, in step one, each computing node in the secure multi-party computing system provides a network interface for implementing interaction, the network interface comprising:
calculation request interface: the user submits the calculation task and verification information through this interface; after receiving the request, the node verifies the request information, decomposes the calculation task, and returns the calculation request number and a calculation task execution identifier to the user once task allocation is completed, or a request failure identifier if the task cannot be allocated;
calculation task state query interface: the user queries the execution state of the calculation task with the received calculation request number; the execution state is one of in progress, failed or completed, and if the task has completed the calculation result is returned to the user;
calculation task allocation request interface: the node responding to the user request calls this interface on other nodes to allocate a single calculation task;
calculation result return interface: the node executing the calculation task calls this interface on the calculation request response node to return the calculation result, which comprises the calculation task number, the ciphertext result and check information;
algorithm file addition interface: the key manager or the secure multi-party computing system manager calls this interface to add an algorithm file to the nodes in the multi-party computing system;
algorithm file deletion interface: the key manager or the secure multi-party computing system manager calls this interface to delete an existing algorithm file stored by the nodes in the multi-party computing system;
user authority authentication request initiation interface: the node receiving the algorithm change request calls this interface on all other nodes; the change request content comprises user information, the algorithm file operation content, an authentication request number and verification information;
algorithm change log query interface: the secure multi-party computing system administrator calls this interface to check whether the algorithm allocation is compliant;
user authority authentication result return interface: after each node has authenticated the authority, it calls this interface on all other nodes to feed back its own authentication result.
The invention has the beneficial effects that:
The key used by the encryption service is encrypted with the master key, the user stores the ciphertext key locally, and the ciphertext key is decrypted with the master key when the encryption service runs. The master key is calculated from the key factor, and the key factor is obtained from the multi-party computing system. When the secure multi-party computing system executes a calculation task, each node encrypts its calculation result so that the encrypted content can be read only by the user; the node executing a calculation task cannot understand the significance of the user's calculation result, the node handling the user's request cannot read the collected result content, the user does not know the content of each algorithm, and so no party's key information is disclosed even though the parties do not trust one another. Therefore, the scheme of the invention offers high usability while ensuring the security of the key.
Drawings
FIG. 1 is a schematic diagram of a user key management scheme according to the present invention;
FIG. 2 is a schematic diagram of a multi-party computing system architecture;
FIG. 3 is a flow chart of key generation in the present invention.
Detailed Description
The invention aims to provide a key management method based on secure multi-party computation, solving the problem that traditional key management schemes cannot offer both usability and security.
If key management is improved on the hardware side there is always a hardware dependency and high usability is hard to achieve, so the key management scheme must be improved on the software side. The main defect of software-managed keys is that the parameters and the process for generating the key are implemented in the program. As long as the key factor generation process is carried out remotely rather than locally and the security of the data transmission is ensured (the key is not known by any third party outside the software), an attacker cannot obtain the key from the user's local environment by decompilation, the security of the software-managed key is effectively improved, and the software-managed key retains high usability. Since a secure multi-party computation protocol can effectively generate the parameters used to construct the key remotely and theoretically guarantees secure transmission of information through an insecure environment, the software-managed key is implemented on the basis of a secure multi-party computation protocol.
A secure multi-party computation (MPC) protocol is a distributed protocol that allows all participants to jointly compute a result through established logic without revealing their own private information; it can achieve remote cooperative generation of keys such that the key (the private information) is known only to its owner, and can therefore resolve the main insecurity of software-managed keys. In the key management scenario, the key is managed by MPC; the private information of the business system is its key factor, and the private information of the other multi-party computation participants is their calculation process. Therefore, the invention is premised on ensuring that the business system's key factor is not known by the other computing participants and that the calculation processes of the other computing participants are not known by the business system.
MPC produces one calculation result per calculation interaction, so obtaining several calculation results requires several interactions. The service system may use several encryption algorithms, each encryption algorithm has at least one key, and if all key construction parameters were obtained by secure multi-party computation, efficiency would suffer. Therefore, to reduce the number of multi-party computation interactions as far as possible, the invention divides the service system keys into three types: a master key, a plaintext key and a ciphertext key. The plaintext key is the key used when the service system executes encryption and decryption operations, and it does not appear in the system (cache or program files) when there is no encryption service; the ciphertext key is stored in the service system and is decrypted to obtain the plaintext key; the master key is used for the conversion between the plaintext key and the ciphertext key. From the relationship of the three types of keys, the security of the service key is ensured as long as the master key is protected, so only the master key needs to be computed by multiple parties.
On this basis, the invention designs a task processing mode in which a calculation initiator can submit several calculation tasks at once, and the calculation content is decomposed through intermediate processing into several independent calculation tasks, so that all key factors are obtained through a single interaction and calculation efficiency is improved. Because the intermediate processing party knows all the calculation tasks and would learn all the calculation results if it executed them itself, the intermediate processing party does not take part in executing the calculation tasks. At the same time, to avoid the intermediate processing party handling all calculation tasks without the knowledge of the calculation initiator, the design of the calculation tasks and the distribution of the calculation execution units (algorithm files) are coordinated so that no single computing party can complete all the calculation tasks; this work is done jointly by the key management party (who designs the calculation request and the algorithm files) and the MPC management party. The calculation request designed by the key manager should contain all the algorithm files designed for that request; after the algorithm files are submitted to the MPC, each algorithm file is randomly distributed to two computing nodes, and the MPC manager ensures, by checking the logs and algorithm contents of each node, that all the algorithm files are never distributed to the same node.
In order to make the secret key not known by a third party except the calculation initiator, all calculation task executing parties need to encrypt the calculation results through the public key of the calculation initiator, so that a single calculation task result is only known by the calculation executing parties and the calculation initiator, and the calculation executing parties only know a part of the results in all the calculation results, and cannot understand the significance of the part of the calculation results (the user master secret key is obtained through the results). Besides obtaining all key factors, the calculation task of the calculation initiator needs to randomly add some calculation tasks for obtaining irrelevant parameters, so that even if all calculation results are known by other parties, the correct key factors are difficult to extract.
As shown in FIG. 1, the master key in the present invention is obtained from the multi-party computing system, and the master key controls the conversion between the plaintext and ciphertext states of the key used by the encryption algorithm. When the user has no encryption service, the master key is in an unknown state and the service key is in the ciphertext state; when an encryption service exists, a master key calculation factor is obtained through the multi-party computing system, and the key factor is fed into a key generation algorithm to obtain the master key.
In a specific implementation, the key management method based on secure multiparty computation in the present invention includes the following steps:
(1) deploying a secure multi-party computing system:
A plurality of secure multi-party computing nodes are deployed. Since the calculation request response node does not execute calculation tasks, and no single node may execute all the calculation tasks (which would let it learn the complete calculation result), the number of secure multi-party computing nodes is not less than 3. All nodes communicate over a network and call each other's interfaces to cooperatively complete a calculation request initiated by a user, thereby forming the secure multi-party computing system.
As shown in FIG. 2, a plurality of (not less than 3) multi-party computing nodes communicate over a network; each node has a consistent architecture and can respond to calculation requests, execute calculation tasks and respond to algorithm change requests. A single node stores the system node information and a number of executable machine-language algorithms; each algorithm has a number, algorithms with the same number are identical, and each algorithm is stored on at least two nodes.
(2) The key management party generates a batch of calculation functions, compiles them into machine language and submits an algorithm addition request to any node of the multi-party computing system;
(3) the node receiving the algorithm addition request assigns algorithm numbers to the newly submitted algorithms and returns them to the key management party, while also distributing the algorithms and broadcasting the distribution information, which every node records;
(4) the key management party stores the algorithm number returned by the multi-party computing system, and randomly generates and stores a group of algorithm number-parameter sequences;
(5) the key management party initiates a calculation task, obtains a key factor through the multi-party calculation system, and then generates a key according to the key factor:
specifically, as shown in fig. 3, the key management party uses the generated algorithm number-parameter sequence as a calculation task, randomly generates and stores a group of asymmetric algorithm public and private key pairs, and initiates a calculation request to any node of the multi-party computing system, where the request content includes a calculation task, a temporary public key, verification data, and the like. And the node receiving the request verifies the integrity of the information, analyzes the calculation task after the verification is passed, disassembles the calculation task into a plurality of independent calculation tasks, and matches each calculation task with a proper task execution node and a proper backup execution node according to the stored multi-party calculation storage node information. And distributing each task to a corresponding execution node after matching the tasks, calling a corresponding calculation file to execute the calculation task after the execution node receives the tasks, encrypting the calculation result by using the public key of the request user, and returning the calculation result to the calculation request response node. And the calculation request response node collects the calculation results of each execution node, and packages the calculation results after the collection is finished and returns the calculation results to the key management party. The key management party decrypts a calculation result returned by the multi-party calculation system as a key factor, introduces a key generation algorithm to obtain a key, encrypts the service system shared initial key by taking the key as a master key to obtain a ciphertext shared initial key, and stores the ciphertext shared initial key;
(6) The key management party encapsulates the encryption algorithm, the multi-party key generation process, the ciphertext key, the multi-party computing node information, the key management interface, the algorithm number-parameter sequence and the data encryption and decryption interface into an SDK package according to the service requirements.
(7) The key management party provides the packaged SDK package, its usage documentation and use cases to the service system.
(8) The service system embeds the SDK package into an application program and calls the SDK package's encryption and decryption interface to encrypt and decrypt service data. Before encrypting or decrypting, the service data encryption is initialized: the program inside the SDK package initiates a calculation request to the secure multi-party computing system according to the stored algorithm number-parameter sequence to obtain the key factor for restoring the master key, feeds the key factor into the key generation function to obtain the master key, and uses the master key to restore the stored ciphertext key into the plaintext key used for encryption and decryption.
(9) When the key is updated, the service system calls the SDK package's key management interface according to the key update information provided by the key management party and changes the stored key information accordingly; the stored key information comprises the algorithm number-parameter sequence and the ciphertext key.
In step (1), the multi-party computing nodes can be deployed simultaneously on cloud servers, extranet servers and intranet servers, which achieves physical isolation between the nodes.
In step (1), a multi-party computing node consists mainly of three modules: a user computation request processing module, a computation task processing module and an algorithm change processing module. The main functions of each module are as follows:
① User computation request processing module: checks computation requests initiated by users, decomposes the computation task submitted by the user, manages the system's multi-party computing node information, matches computation tasks, distributes computation tasks, collects computation results, checks computation results, and packages the results for return to the user.
a. The user computation request check determines whether the request content has been altered. A hash signature check is normally used: the hash signature is computed over specific fields of the request content together with other agreed parameters that are not transmitted over the channel (a timestamp, a shared string, and so on), and the check passes if the requester's signature and the receiver's signature are identical. The content checks below all use this method;
b. The user computation request is an algorithm number-parameter sequence in which each algorithm number-parameter pair is an independent computation task; for example, (A1112:23) denotes the task of executing the algorithm numbered A1112 with the parameter 23. The multi-party computing node that responds to the user request splits the algorithm number-parameter sequence into independent computation tasks;
c. The multi-party computing system node information comprises, for every node that forms the system, its MAC value, the list of algorithm numbers it carries, its certificate, IP address, device name, and so on;
d. Computation task matching: the node compares the algorithms carried by the other nodes of the system against the computation tasks, determines an execution node for each computation task, and sets a standby node and a result return time threshold;
e. Computation task distribution: the node assigns task numbers to the matched computation tasks and sends them to the corresponding nodes for execution; a task message can be encrypted with the target node's public key and also contains the node identity, the requesting user's public key, message verification data, the task number, and so on;
f. Computation result check: after receiving the return from a task execution node, the node verifies the node identity and the message content and also checks whether the return time is within the set threshold. If the check passes, the computation task is judged qualified; if it fails, the task is sent to the standby node, which executes it again. On this basis, node trust management can be added: a node that executes a task with a qualified result gains trust weight, otherwise its trust weight is reduced, and nodes with high trust weight are preferred during task allocation;
g. Computation result packaging and return: the collected computation results are ordered and packaged, check information is generated, and the package is returned to the user.
② Computation task processing module: checks the received computation task, parses it, selects the algorithm to call according to the algorithm number in the task, feeds the task's parameter into the algorithm to obtain the computation result, encrypts the result with the user's public key, and packages it together with the node identity information, task content, task number, message check data, and so on, for return to the task-initiating node.
③ Algorithm change processing module: requester identity authentication, requester identity broadcast, requester authority voting, and algorithm change decision and execution.
a. Requester identity authentication: only privileged users such as the key manager or a system administrator may perform this operation. Each node of the multi-party computing system stores the privileged user information and certificates; on receiving a user's algorithm change request, the node first determines from the stored privileged user information whether the requesting user has the authority and, if so, carries out the subsequent operations;
b. Requester identity broadcast: after judging that the requesting user's authority is in order, the node broadcasts the requester's identity information and the algorithm change content to every node of the system;
c. Requester authority voting: each node judges, according to the privileged user information it stores, whether the requester has the authority for the requested algorithm change operation, and returns the result to the other nodes of the multi-party computing system;
d. If more than 2/3 of the nodes approve the requester's authority, the algorithm change request is executed. When the change is an algorithm addition, the node that responded to the user assigns numbers conforming to the rules to the algorithms to be added, randomly distributes the algorithm numbers and algorithm contents (machine code) to more than two nodes, and broadcasts the distribution. When the change is a deletion, the nodes storing the algorithm delete it. Every node of the system then updates the algorithm-related part of the node information it maintains.
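The checks of module ① and the vote of module ③(d), as an added Go example that is not part of the patent: the hash signature keyed with a shared string that never crosses the channel, splitting of an algorithm number-parameter sequence, matching of execution and backup nodes by trust weight, the result check with fallback to the backup, and the 2/3 vote. HMAC-SHA256 as the hash signature, the field separator, the trust arithmetic of +1/-1 and the reading of the threshold as "strictly more than 2/3" are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"sort"
	"strings"
)

type Task struct {
	ID    int
	AlgNo string
	Param string
}

// Node is the stored node information: the algorithm numbers it carries and its trust
// weight, raised for qualified results and lowered for failed ones (module ①(f)).
type Node struct {
	Name  string
	Algos map[string]bool
	Trust int
}

// Result is an execution node's return: task number, sealed payload, signature, and elapsed time.
type Result struct {
	TaskID, ElapsedMs int
	Payload           string
	Sig               []byte
}

// sign is the hash signature of module ①(a): HMAC-SHA256 over the agreed fields, keyed with a
// shared string that is never sent on the channel (a timestamp among the fields limits replay).
func sign(shared []byte, fields ...string) []byte {
	mac := hmac.New(sha256.New, shared)
	mac.Write([]byte(strings.Join(fields, "\x1f")))
	return mac.Sum(nil)
}

// verify recomputes the signature on the receiving side and compares in constant time.
func verify(shared []byte, sig []byte, fields ...string) bool {
	return hmac.Equal(sign(shared, fields...), sig)
}

// splitSequence turns "{M0001:42, M0002:4, M0003:22}" into independent tasks (module ①(b)).
func splitSequence(seq string) ([]Task, error) {
	var tasks []Task
	for i, item := range strings.Split(strings.Trim(strings.TrimSpace(seq), "{}"), ",") {
		parts := strings.SplitN(strings.TrimSpace(item), ":", 2)
		if len(parts) != 2 || parts[0] == "" {
			return nil, fmt.Errorf("malformed entry %q", item)
		}
		tasks = append(tasks, Task{ID: i + 1, AlgNo: parts[0], Param: strings.TrimSpace(parts[1])})
	}
	return tasks, nil
}

// matchTask returns the execution node and the backup for one task (module ①(d)): only
// nodes carrying the algorithm qualify, and higher trust weight wins.
func matchTask(t Task, nodes []*Node) (primary, backup *Node, err error) {
	var cands []*Node
	for _, n := range nodes {
		if n.Algos[t.AlgNo] {
			cands = append(cands, n)
		}
	}
	if len(cands) < 2 {
		return nil, nil, fmt.Errorf("task %d: algorithm %s is held by fewer than two nodes", t.ID, t.AlgNo)
	}
	sort.SliceStable(cands, func(i, j int) bool { return cands[i].Trust > cands[j].Trust })
	return cands[0], cands[1], nil
}

// collectResult checks a return as in module ①(f): task number, signature over (node, task,
// payload) and the time threshold; a failure lowers that node's trust and the backup re-runs it.
func collectResult(t Task, primary, backup *Node, shared []byte, thresholdMs int, run func(*Node, Task) Result) (Result, *Node, error) {
	for _, n := range []*Node{primary, backup} {
		r := run(n, t) // run stands in for the node's computation task allocation interface
		if r.TaskID == t.ID && r.ElapsedMs <= thresholdMs &&
			verify(shared, r.Sig, n.Name, fmt.Sprint(r.TaskID), r.Payload) {
			n.Trust++
			return r, n, nil
		}
		n.Trust--
	}
	return Result{}, nil, fmt.Errorf("task %d failed on both primary and backup", t.ID)
}

// approveChange is the vote of module ③(d): the change proceeds only when more than 2/3 of
// all nodes confirm the requester's authority.
func approveChange(votes []bool) bool {
	yes := 0
	for _, v := range votes {
		if v {
			yes++
		}
	}
	return 3*yes > 2*len(votes)
}
```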
In step (1), the node that responds to the user request acts as the computation management node: it splits the computation request into several computation tasks that are executed concurrently by several nodes, which improves computation efficiency. A computing node encrypts its result with the requesting user's public key, so a single result is known only to the computation initiator (the user) and the node that executed it, while the other nodes of the system learn nothing about it, following the principle of oblivious transfer. At the same time, the user holds only algorithm numbers, not the algorithm contents, and does not know on which node of the multi-party computing system an algorithm resides, while an execution node knows only its part of the computation and neither the user's full computation request nor the results; this is what guarantees security.
The network request interfaces included in each multi-party computing node in step (1) mainly comprise:
Computation request interface: the user submits the computation task and verification information through this interface; after receiving the request, the node verifies the request information, decomposes the computation task, and once task allocation is complete returns the computation request number and a task execution identifier to the user, or a request failure identifier if the tasks cannot be allocated;
Computation task status query interface: the user queries the execution status of a computation task by the computation request number received; the status is one of executing, failed or completed, and when the task is completed the computation result is returned to the user;
Computation task allocation request interface: the node responding to a user request calls this interface of other nodes to distribute a single computation task;
Computation result return interface: the node executing a computation task calls this interface of the computation request response node to return its result; the result content comprises the computation task number, the ciphertext result and check information;
Algorithm file addition interface: the key manager or the secure multi-party computing system administrator calls this interface to add algorithm files to nodes of the multi-party computing system;
Algorithm file deletion interface: the key manager or the secure multi-party computing system administrator calls this interface to delete existing algorithm files stored by nodes of the multi-party computing system;
User authority authentication request initiation interface: the node receiving an algorithm change request calls this interface of all other nodes; the change request content comprises user information, the algorithm file operation content, an authentication request number and verification information;
Algorithm change log query interface: the secure multi-party computing system administrator calls this interface to check whether the algorithm distribution is compliant;
User authority authentication result return interface: after a node has authenticated the authority, it calls this interface of all other nodes to feed back its own authentication result.
Example:
(1) A multi-party computing system is deployed on a cloud server A and extranet servers B, C and D, each server serving as a multi-party computing node (hereinafter nodes A, B, C and D);
(2) The MAC address, IP address, domain name, identity signature and similar information of nodes A, B, C and D are stored on every multi-party computing system node and at the key management party;
(3) The key management party and the multi-party system administrator are made privileged users, and their identity IDs are stored on every node;
(4) The key manager prepares a series of computation functions: $y_1 = f_1(x), y_2 = f_2(x), \ldots, y_n = f_n(x)$;
(5) The key management party compiles the computation functions into machine code, stores the compilation results in files file1, file2, ..., fileN, randomly selects a multi-party computing node, say node A, calls node A's algorithm addition interface, and uploads file1, file2, ..., fileN;
(6) After node A receives the algorithm addition request, it verifies the identity of the key management party and the integrity of the content; once verification passes, it forwards the key management party's identity to nodes B, C and D, which check whether the received identity has the authority and pass their verification results to the other nodes;
(7) Once nodes B, C and D confirm that the key management party has the algorithm addition authority, the addition continues: node A assigns numbers M0001, M0002, ..., M000n to the algorithm files file1, file2, ..., fileN, randomly issues each algorithm file and its number to 3 of the nodes A, B, C and D, and the nodes that receive an algorithm file store the algorithm and its number for later calls;
(8) Node A broadcasts the issuance of the algorithm file numbers to nodes B, C and D, and nodes A, B, C and D each update the node-algorithm information they store.
(9) Node A returns the algorithm numbers to the key management party;
(10) The key manager generates a set of algorithm number-parameter sequences L1 from the algorithm numbers: {M0001:42, M0001:4, ..., M000n:22};
(11) The key management party randomly selects a node, say node B, and sends L1 to node B as a computation request;
(12) Node B processes the computation request, decomposes it into computation tasks T1, T2, ..., Tn, and distributes the tasks to nodes that meet the requirements;
(13) Each node that receives a task processes it: it selects the matching algorithm, feeds the parameter into the algorithm file to execute the task, encrypts the result with the public key carried in the task to obtain the ciphertext result $R_n$, and returns $R_n$ to node B;
(14) Node B collects and checks the results of the execution nodes and, once all results have been collected, packages them in order as $\{R_1, R_2, \ldots, R_n\}$ and returns them to the key management party;
(15) The key management party decrypts the results with its private key to obtain a set of key factors $\{r_1, r_2, \ldots, r_n\}$, substitutes them into the key generation function $y = f(r_1, r_2, \ldots, r_n)$ to obtain the master key Key, and feeds Key into the encryption algorithm to encrypt the service system's shared initial keys Key1, Key2, ..., Keyn into Dkey1, Dkey2, ..., Dkeyn respectively;
(16) The key management party packages the encryption algorithm interfaces (AES, DES, RSA, TEA and the like), the ciphertext keys (Dkey1, Dkey2, ..., Dkeyn), the algorithm number-parameter sequence ({M0001:42, M0001:4, ..., M000n:22}) and the multi-party computing node information (A, B, C, D) into an SDK package and submits it to the service system;
(17) The service system embeds the SDK package into its service program.
(18) When the service system calls the SDK's encryption/decryption initialization interface, the SDK internally executes the multi-party computation request process.
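Steps (13) to (15) above, together with the SDK restore path of step (8), as an added Go example that is not the patent's or the applicant's code: an execution node seals its result $R_n$ to the requester's public key, the key management party recovers the factors $r_1, \ldots, r_n$, derives the master key and wraps a service key into its Dkey. The page leaves the key generation function $f$, the encryption algorithm and the algorithm files unspecified, so HKDF-SHA256 (RFC 5869), AES-256-GCM, RSA-OAEP and a keyed-hash stand-in for each algorithm file are assumptions, as are the salt and the info string.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// algorithm stands in for one compiled algorithm file; it maps a parameter to a key factor.
type algorithm func(param uint32) []byte

// constructedAlgorithm is a stand-in for the file numbered algNo (the patent's machine code is
// opaque): HMAC-SHA256 of the parameter under a per-file secret known only to nodes holding it.
func constructedAlgorithm(algNo string) algorithm {
	fileSecret := sha256.Sum256([]byte("constructed-algorithm-file:" + algNo))
	return func(param uint32) []byte {
		var p [4]byte
		binary.BigEndian.PutUint32(p[:], param)
		mac := hmac.New(sha256.New, fileSecret[:])
		mac.Write(p[:])
		return mac.Sum(nil)
	}
}

// executeTask is step (13): the execution node runs the algorithm on the task's parameter and
// seals the result R_n to the requester's public key, so node B only ever relays ciphertext.
func executeTask(pub *rsa.PublicKey, alg algorithm, param uint32) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, alg(param), nil)
}

// recoverFactors is step (15): the key management party opens each R_n with its private key.
func recoverFactors(priv *rsa.PrivateKey, results [][]byte) ([][]byte, error) {
	factors := make([][]byte, 0, len(results))
	for _, c := range results {
		r, err := rsa.DecryptOAEP(sha256.New(), nil, priv, c, nil)
		if err != nil {
			return nil, err
		}
		factors = append(factors, r)
	}
	return factors, nil
}

// deriveMasterKey is the key generation function y = f(r1, ..., rn); this stand-in is HKDF-SHA256
// (extract, then one expand block) over length-prefixed factors, so order and count both matter.
func deriveMasterKey(factors [][]byte, salt []byte) []byte {
	var ikm []byte
	for _, f := range factors {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(f)))
		ikm = append(append(ikm, l[:]...), f...)
	}
	extract := hmac.New(sha256.New, salt)
	extract.Write(ikm)
	expand := hmac.New(sha256.New, extract.Sum(nil))
	expand.Write([]byte("mpc-master-key\x01")) // info || counter 0x01
	return expand.Sum(nil)                      // 32 bytes: an AES-256 key
}

// wrapKey turns a service system's shared initial key Key_i into Dkey_i under the master key
// (AES-256-GCM, fresh nonce prepended); unwrapKey is the SDK's restore path of step (8).
func wrapKey(master, serviceKey []byte) ([]byte, error) {
	gcm, err := newGCM(master)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, serviceKey, nil), nil
}

func unwrapKey(master, wrapped []byte) ([]byte, error) {
	gcm, err := newGCM(master)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(wrapped) < ns {
		return nil, errors.New("wrapped key too short")
	}
	return gcm.Open(nil, wrapped[:ns], wrapped[ns:], nil) // fails on a wrong master key or tampering
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
```

Because the master key is never stored, the SDK must obtain the same factors from the multi-party system on every initialization; a key update that changes the algorithm number-parameter sequence changes the factors and therefore the key that unwraps the Dkeys.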

Claims (7)

1. A key management method based on secure multiparty computation is characterized by comprising the following steps:
step one, a safe multi-party computing system consisting of a plurality of safe multi-party computing nodes is deployed;
step two, the key management party generates a batch of calculation functions, compiles the functions into machine language, and submits an algorithm increasing request to any node in the multi-party calculation system;
step three, the nodes receiving the algorithm increasing request distribute algorithm numbers for the newly added algorithms and return the algorithm numbers to the key management party, and simultaneously distribute the newly added algorithms, and each node records distribution information;
step four, the key management party stores the algorithm number returned by the multi-party computing system, and randomly generates and stores a group of algorithm number-parameter sequences;
step five, the key management party takes the generated algorithm number-parameter sequence as a calculation task, randomly generates and stores a group of asymmetric algorithm public and private key pairs, and initiates a calculation request to any node of the multi-party calculation system;
step six, decomposing the calculation task into a plurality of independent calculation tasks by the calculation request response node, matching a proper task execution node and a proper backup execution node for each independent calculation task, and then distributing each independent calculation task to a corresponding task execution node;
step seven, after receiving the task, the task execution node calls a corresponding algorithm to execute the calculation task, encrypts a calculation result by using a public key of a key management party and feeds the calculation result back to the calculation request response node;
step eight, the calculation request response node collects calculation results of each execution node, and after the collection is completed, the calculation results are packaged and fed back to the key management party;
step nine, the key management party decrypts a calculation result returned by the multi-party calculation system to be used as a key factor, a key is generated through a key generation algorithm based on the key factor, the key is used as a main key to encrypt a shared initial key of the service system, and a ciphertext shared initial key corresponding to the service system is obtained and stored;
step ten, the key management party packages an encryption algorithm, a key multi-party calculation generation process, a ciphertext sharing initial key, multi-party calculation node information, a key management interface, an algorithm number-parameter list and a data encryption and decryption interface into an SDK packet according to service requirements and submits the SDK packet to a service system;
step eleven, the service system embeds the SDK packet into an application program, and when a specific service is carried out, an SDK packet encryption and decryption interface is called to encrypt and decrypt service data;
step twelve, when the key is updated, the service system calls the SDK package key management interface according to the key updating information provided by the key management party, and the stored key information is changed according to the situation.
2. A secure multiparty computation based key management method according to claim 1,
in the first step, a plurality of safe multi-party computing nodes can be deployed in the cloud server, the extranet server and the intranet server at the same time.
3. A secure multiparty computation based key management method according to claim 1,
in step one, every secure multi-party computing node has the same architecture and comprises: a computation request processing module, a computation task processing module and an algorithm change processing module;
the computing request processing module is used for verifying a computing request initiated by a user, decomposing a computing task submitted by the user, managing multi-party computing node information of the system, matching the computing task, distributing the computing task, collecting a computing result, verifying the computing result and packaging the computing result to return to the user;
the computing task processing module is used for verifying the received computing task, analyzing the computing task, selecting an algorithm to be called according to an algorithm number in the computing task, bringing a parameter of the task into the algorithm operation to obtain a computing result, encrypting the computing result by using a user public key, and packaging the identity information, the task content, the task number and the message verification data of the node and then returning the data to the task initiating node;
the algorithm change processing module is used for performing identity authentication on an algorithm change requester, performing identity broadcast on the requester, voting on the authority of the requester and performing decision and execution on algorithm change.
4. A secure multiparty computation based key management method according to claim 1,
in the fifth step, the request content of the calculation request includes the generated public key, the algorithm number-parameter sequence, the user identity information and the information integrity check parameter.
5. A secure multiparty computation based key management method according to claim 1,
in step eight, if the computation request response node does not receive the task computation result fed back by a task execution node within the specified time, the corresponding backup execution node is made to execute that computation task again.
6. A secure multiparty computation based key management method according to claim 1,
each secure multi-party computing node stores a list of users with algorithm change authority; a node that receives an algorithm change request acts as the algorithm change request response node and broadcasts the request to all nodes; each node judges from the user list whether the user has algorithm change authority and returns its judgment to the algorithm change request response node; when the response node receives positive results from more than 2/3 of the total number of nodes, the algorithm change request is approved and the corresponding nodes are notified to execute the algorithm change operation: when the request is an algorithm addition, the user response node assigns numbers conforming to the rules to the algorithm to be added, randomly distributes the algorithm numbers and algorithm contents to more than two nodes, and broadcasts the distribution; when the request is an algorithm deletion, the nodes storing the algorithm delete it; when the request is an algorithm replacement, the nodes storing the algorithm perform the replacement.
7. A secure multiparty computation based key management method according to any of the claims 1-6,
in step one, each computing node in the secure multi-party computing system provides a network interface for implementing interaction, the network interface comprising:
Computation request interface: the user submits the computation task and verification information through this interface; after receiving the request, the node verifies the request information, decomposes the computation task, and once task allocation is complete returns the computation request number and a task execution identifier to the user, or a request failure identifier if the tasks cannot be allocated;
Computation task status query interface: the user queries the execution status of a computation task by the computation request number received; the status is one of executing, failed or completed, and when the task is completed the computation result is returned to the user;
Computation task allocation request interface: the node responding to a user request calls this interface of other nodes to distribute a single computation task;
Computation result return interface: the node executing a computation task calls this interface of the computation request response node to return its result; the result content comprises the computation task number, the ciphertext result and check information;
Algorithm file addition interface: the key manager or the secure multi-party computing system administrator calls this interface to add algorithm files to nodes of the multi-party computing system;
Algorithm file deletion interface: the key manager or the secure multi-party computing system administrator calls this interface to delete existing algorithm files stored by nodes of the multi-party computing system;
User authority authentication request initiation interface: the node receiving an algorithm change request calls this interface of all other nodes; the change request content comprises user information, the algorithm file operation content, an authentication request number and verification information;
Algorithm change log query interface: the secure multi-party computing system administrator calls this interface to check whether the algorithm distribution is compliant;
User authority authentication result return interface: after a node has authenticated the authority, it calls this interface of all other nodes to feed back its own authentication result.
CN201911042944.4A 2019-10-30 2019-10-30 Key safety management method based on safety multi-party calculation Active CN110752924B (en)

Publications (2)

Publication Number Publication Date
CN110752924A true CN110752924A (en) 2020-02-04
CN110752924B CN110752924B (en) 2021-03-16
