CN110890962B - Authentication key negotiation method, device, storage medium and equipment (Google Patents)

Publication number: CN110890962B
Application number: CN201911327323.0A
Authority: CN (China)
Legal status: Active (granted)
Other languages: Chinese (zh)
Other versions: CN110890962A
Inventors: 赵原, 殷山
Assignee (original and current): Alipay Hangzhou Information Technology Co Ltd
Related publications: CN110890962A (application), CN110890962B (grant), WO2021120871A1 (PCT/CN2020/124416)
Prior art keywords: key, parameter, server, memory area, client

Classifications (all under H04L, Transmission of digital information; H04L 9: cryptographic mechanisms and network security protocols; H04L 63: network architectures or protocols for network security)

    • H04L 9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L 9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords, involving random numbers or seeds
    • H04L 9/3247: Means for verifying the identity or authority of a user of the system or for message authentication (authorization, entity authentication, data integrity, non-repudiation, key authentication), involving digital signatures
    • H04L 9/3249: The same, involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • H04L 63/06: Network security protocols for supporting key management in a packet data network
    • H04L 63/083: Network security protocols for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiments of this specification disclose an authenticated key agreement method, apparatus, storage medium and device. Key agreement takes place between a client and a secure memory area on a server, where the secure memory area is based on a trusted execution environment. The server and the client each generate a key parameter from a random parameter of their own, and each then derives a session key from the key parameter received from the other side and its own random parameter. The server's key parameter is signed with the master key pair of the secure memory area and the signature is verified by the client, so that the party with which the client negotiates the key is guaranteed to be the corresponding secure memory area on the server. The negotiated session key secures the transmission of private data from the client to the secure memory area, so the method can be applied to protecting user privacy. The server may be a server based on SGX (Software Guard Extensions) technology.

Description

Authentication key negotiation method, device, storage medium and equipment
Technical Field
The embodiments of the present disclosure relate to the field of secure computing, and in particular, to an authentication key agreement method, an apparatus, a storage medium, and a device.
Background
With the rapid development of cloud computing, more and more critical services and high-value data are being migrated to the cloud. Protecting user privacy and preventing the leakage of sensitive information have therefore become new challenges for cloud computing, and cloud security has become a focus of attention in both academia and industry. One of the most important technical advances in cloud security is Confidential Computing, which protects data and programs while they are in use. Trusted Execution Environment (TEE) technology is a powerful tool for confidential computing: outsourced computation or secure multi-party computation can be performed inside a secure area, protecting the confidentiality and integrity of data in use.
Under TEE technology based on Intel SGX (Software Guard Extensions), multiple clients each negotiate a key with a secure memory area of a server node, and a secure communication channel is then established between the server and each client. Each client encrypts its private data within its own trusted domain and sends the ciphertext to the server, and the server decrypts the ciphertext inside the secure memory area (enclave) using the negotiated key.
Disclosure of Invention
Embodiments of the present specification provide an authenticated key agreement method, apparatus, storage medium and device that achieve forward security (forward secrecy) for private data.
In a first aspect, an embodiment of the present specification provides an authenticated key agreement method applied to a server, where the server includes a secure memory area based on a trusted execution environment. The method includes a remote authentication process and a key agreement process; a master key pair of the secure memory area, consisting of a first public key and a first private key, is generated in the remote authentication process. The key agreement process includes: receiving a first key parameter sent by a client, where the first key parameter is generated by the client from a first random parameter; generating a second random parameter in the secure memory area, and generating a first session key from the first key parameter and the second random parameter, where the first session key is used by the secure memory area to receive private data from the client; in the secure memory area, generating a second key parameter from the second random parameter and digitally signing the second key parameter with the first private key; and sending the second key parameter and the digital signature to the client, so that the client verifies the digital signature with the first public key that has itself passed verification and, once the digital signature is verified, generates a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send the private data to the secure memory area.
In a second aspect, an embodiment of this specification provides an authenticated key agreement method applied to a client, where the client establishes a communication connection with a server and the server includes a secure memory area based on a trusted execution environment. The method includes a remote authentication process and a key agreement process; a master key pair of the secure memory area, consisting of a first public key and a first private key, is generated in the remote authentication process. The key agreement process includes: generating a first random parameter and generating a first key parameter from it; sending the first key parameter to the server, so that the server generates a first session key in the secure memory area from the first key parameter and a second random parameter, where the first session key is used by the secure memory area to receive private data from the client; receiving a second key parameter and a digital signature sent by the server, where the second key parameter is generated by the server from the second random parameter and the digital signature is the server's signature on the second key parameter with the first private key; and verifying the digital signature with the first public key that has itself passed verification and, if the digital signature passes verification, generating a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send the private data to the secure memory area.
In a third aspect, an embodiment of the present specification provides an authenticated key agreement apparatus applied to a server, where the server includes a secure memory area based on a trusted execution environment. The apparatus is configured to perform a remote authentication process and a key agreement process; a master key pair of the secure memory area, consisting of a first public key and a first private key, is generated in the remote authentication process. For its part of the key agreement process the apparatus includes: a first receiving unit, configured to receive a first key parameter sent by a client, where the first key parameter is generated by the client from a first random parameter; a first key generation unit, configured to generate a second random parameter in the secure memory area and to generate a first session key from the first key parameter and the second random parameter, where the first session key is used by the secure memory area to receive private data from the client; a first parameter generation unit, configured to generate, in the secure memory area, a second key parameter from the second random parameter; a first signature unit, configured to digitally sign the second key parameter with the first private key; and a first sending unit, configured to send the second key parameter and the digital signature to the client, so that the client verifies the digital signature with the first public key that has itself passed verification and, once the digital signature is verified, generates a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send the private data to the secure memory area.
In a fourth aspect, an embodiment of the present specification provides an authenticated key agreement apparatus applied to a client, where the client establishes a communication connection with a server and the server includes a secure memory area based on a trusted execution environment. The apparatus is configured to perform a remote authentication process and a key agreement process; a master key pair of the secure memory area, consisting of a first public key and a first private key, is generated in the remote authentication process. For its part of the key agreement process the apparatus includes:
a second parameter generation unit, configured to generate a first random parameter and to generate a first key parameter from it; a second sending unit, configured to send the first key parameter to the server, so that the server generates a first session key in the secure memory area from the first key parameter and a second random parameter, where the first session key is used by the secure memory area to receive private data from the client; a second receiving unit, configured to receive a second key parameter and a digital signature sent by the server, where the second key parameter is generated by the server from the second random parameter and the digital signature is the server's signature on the second key parameter with the first private key; and a second key generation unit, configured to verify the digital signature with the first public key that has itself passed verification and, if the digital signature passes verification, to generate a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send the private data to the secure memory area.
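The exchange described in the first and second aspects (the client's first key parameter, the enclave's second key parameter signed with the first private key, and the client's signature check before it derives anything), as an added Go example that is not part of the patent or of any Alipay code. It assumes X25519 for the key parameters, RSA-PSS for the master key pair's signature, and SHA-256 over the shared secret as the session-key derivation; the patent names RSA for the master key pair but leaves the key-parameter algorithm and the key derivation open. Only the Go standard library is used. It runs the honest exchange and also a check in which the second key parameter is swapped on the wire for one the enclave never signed, which the client must refuse.

```go
package main

import (
	"crypto"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Enclave stands in for the secure memory area; masterPriv is the first private
// key from the remote authentication process, assumed here to have run already.
type Enclave struct{ masterPriv *rsa.PrivateKey }

// ServerReply is the final message: the second key parameter and its signature.
type ServerReply struct{ SecondKeyParam, Signature []byte }

// deriveSessionKey runs X25519 between one side's random parameter and the other
// side's key parameter and hashes the result under a fixed label. This KDF is the
// example's choice; the patent does not fix one.
func deriveSessionKey(own *ecdh.PrivateKey, peerParam []byte) ([32]byte, error) {
	peer, err := ecdh.X25519().NewPublicKey(peerParam)
	if err != nil {
		return [32]byte{}, fmt.Errorf("bad key parameter: %w", err)
	}
	shared, err := own.ECDH(peer) // rejects a low-order point (all-zero secret)
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(append([]byte("enclave-session-key|"), shared...)), nil
}

// ServerKeyAgreement is the server side: the second random parameter is a fresh
// X25519 private key that never leaves the enclave; only its public half (the
// second key parameter) is sent out, signed with the first private key.
func (e *Enclave) ServerKeyAgreement(firstKeyParam []byte) ([32]byte, ServerReply, error) {
	secondRandom, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return [32]byte{}, ServerReply{}, err
	}
	k, err := deriveSessionKey(secondRandom, firstKeyParam)
	if err != nil {
		return [32]byte{}, ServerReply{}, err
	}
	secondKeyParam := secondRandom.PublicKey().Bytes()
	digest := sha256.Sum256(secondKeyParam)
	sig, err := rsa.SignPSS(rand.Reader, e.masterPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return [32]byte{}, ServerReply{}, err
	}
	return k, ServerReply{secondKeyParam, sig}, nil
}

// ClientKeyAgreement is the client side after it has sent its first key parameter:
// it verifies the signature with the first public key accepted from remote
// authentication before touching the second key parameter. That check is what
// binds the session key to the attested enclave.
func ClientKeyAgreement(firstRandom *ecdh.PrivateKey, masterPub *rsa.PublicKey, reply ServerReply) ([32]byte, error) {
	digest := sha256.Sum256(reply.SecondKeyParam)
	if rsa.VerifyPSS(masterPub, crypto.SHA256, digest[:], reply.Signature, nil) != nil {
		return [32]byte{}, errors.New("signature on second key parameter invalid: aborting")
	}
	return deriveSessionKey(firstRandom, reply.SecondKeyParam)
}

// RunExchange runs one agreement end to end. With substitute set, the second key
// parameter is swapped on the wire for one the enclave never signed, as a check
// that the client refuses it. Returns whether the client accepted the reply and
// whether both sides hold the same session key.
func RunExchange(substitute bool) (accepted, keysMatch bool, err error) {
	masterKey, err := rsa.GenerateKey(rand.Reader, 2048) // step 11A in practice
	if err != nil {
		return false, false, err
	}
	firstRandom, err := ecdh.X25519().GenerateKey(rand.Reader) // client's first random parameter
	if err != nil {
		return false, false, err
	}
	enclave := &Enclave{masterPriv: masterKey}
	k1, reply, err := enclave.ServerKeyAgreement(firstRandom.PublicKey().Bytes())
	if err != nil {
		return false, false, err
	}
	if substitute {
		other, _ := ecdh.X25519().GenerateKey(rand.Reader)
		reply.SecondKeyParam = other.PublicKey().Bytes() // signature no longer covers it
	}
	k2, err := ClientKeyAgreement(firstRandom, &masterKey.PublicKey, reply)
	if err != nil {
		return false, false, nil // rejected before any key was derived
	}
	return true, k1 == k2, nil
}

func main() {
	fmt.Println(RunExchange(false)) // true true <nil>
	fmt.Println(RunExchange(true))  // false false <nil>
}
```

Note that the session key is never put on the wire and the enclave's long-term key only ever signs ephemeral public values, which is the property the advantages section below relies on: a later compromise of the first private key does not reveal the ephemeral private keys that produced earlier session keys.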
In a fifth aspect, embodiments of the present specification provide an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor performs the steps of any of the methods described above.
In a sixth aspect, the present specification provides a computer readable storage medium, on which a computer program is stored, and the computer program is used for implementing the steps of any one of the above methods when executed by a processor.
One or more of the technical solutions provided by the embodiments of this specification have at least the following technical effects or advantages:
The session key negotiated between the client and the secure memory area of the server (which is based on a trusted execution environment) is derived from random parameters generated by both the server and the client, rather than being a fixed key or a key that varies by a predictable rule, so it is difficult for an attacker to break. In addition, the second key parameter generated by the server is signed with the master key of the secure memory area and the signature is verified by the client, which ensures that the party with which the client negotiates the key is the corresponding secure memory area; and the session key itself is never transmitted over the network. Even if the first private key is leaked, an attacker who obtains it can only forge a new session key between themselves and the client and obtain data encrypted under that forged key; the attacker cannot learn which random parameters produced the earlier session keys, cannot recover a previously negotiated session key, and therefore cannot obtain data encrypted under it. In other words, data may start to leak from the moment the private key is lost, but data exchanged before that moment cannot leak, which is the forward security of private data. Given the current demand for user privacy guarantees, applying the authenticated key agreement scheme provided by the embodiments of this specification better protects private data and code during computation, and thereby better protects user privacy.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the specification. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a system architecture diagram of an authenticated key agreement method in an embodiment of the present specification;
fig. 2 is a flowchart of an authenticated key agreement method applied to a server in an embodiment of the present specification;
fig. 3 is a flowchart of an authenticated key agreement method applied to a client in an embodiment of the present specification;
fig. 4 is a functional block diagram of the apparatus applied to a server in an embodiment of the present specification;
fig. 5 is a functional block diagram of the apparatus applied to a client in an embodiment of the present specification;
fig. 6 is a schematic structural diagram of an electronic device in an embodiment of this specification.
Detailed Description
To make the technical solutions easier to understand, the technical solutions of the embodiments of this specification are described in detail below with reference to the drawings and to specific embodiments. The specific features of the embodiments are detailed descriptions of the technical solutions and do not limit them, and the technical features of the embodiments may be combined with one another where they do not conflict.
The authentication key agreement method provided by the embodiment of the present specification is applied to the system architecture shown in fig. 1:
The server includes one or more trusted components, each of which is a secure memory area (Enclave); fig. 1 shows two secure memory areas, Enclave 1 and Enclave 2, together with an untrusted component outside the secure memory areas, the server App. Each secure memory area communicates with the untrusted component through function calls that cross the enclave boundary. The secure memory areas cannot perform IO (Input/Output) operations or access the network themselves; it is the server App that sends and receives the private data on behalf of the secure memory areas and performs the IO operations.
Each client is communicatively connected to the server and performs key agreement with a secure memory area of the server. Each client encrypts its private data within its own trusted domain using the negotiated session key and sends the ciphertext to the server, and the secure memory area of the server decrypts and computes on the ciphertext from each client using the session key negotiated with that client.
Specifically, one or more secure memory areas may be created at the server: the secure memory areas may correspond to the clients one to one, or several clients may share one secure memory area.
Specifically, the executable code and data of all secure memory areas reside in a protected physical memory region called the Enclave Page Cache (EPC), and the address space of each secure memory area is mapped into the EPC. Only code executing inside a secure memory area is allowed to access the EPC; code inside a secure memory area may additionally access memory outside the EPC.
The authentication server is communicatively connected to the server and authenticates the secure memory areas of the server. Note that one authentication server performs remote authentication for the secure memory areas of each of several servers.
In practice, the authentication server communicates with each server through an SP (Service Provider).
Specifically, under TEE technology based on Intel SGX (Software Guard Extensions) the server is an SGX server; the method can likewise be applied to authenticated key agreement between a client and the secure memory area of a server under other TEE technologies, which are not described further here.
The following describes the authenticated key agreement system in this embodiment with reference to fig. 1, fig. 2, and fig. 3, and any one of the clients and one of the secure memory areas of the server may perform authenticated key agreement based on the key agreement method shown in fig. 2 and fig. 3 and the authenticated key agreement system described below.
The process of performing authenticated key agreement between any one client and one secure memory area of the server (unless stated otherwise, the secure memory areas described below all refer to this same secure memory area) includes two stages, a remote authentication process and a key agreement process. The master key pair of the secure memory area is generated in the remote authentication process; it consists of a first public key and a first private key.
In the embodiment of the present specification, trigger condition monitoring is performed at a server and/or a client, and a remote authentication process is executed when it is monitored that a remote authentication trigger condition is satisfied. And executing a key negotiation process when the key negotiation triggering condition is monitored to be met.
In the following, the remote authentication procedure and the key agreement procedure are described separately:
Remote authentication process: the authentication server remotely authenticates the secure memory area of the server, which verifies the integrity and authenticity of the code in the secure memory area, and a new key pair is generated for the secure memory area. Specifically, each time the remote authentication trigger condition is satisfied, the server initiates a remote authentication process for the secure memory area with the authentication server.
Specifically, there may be several remote authentication trigger conditions, and when any one of them is satisfied the server initiates a remote authentication process for the secure memory area with the authentication server. In a specific implementation, the remote authentication process includes the following steps 11 to 13:
Step 11: the server initiates a remote authentication report (a Quote) for the secure memory area to the authentication server.
Specifically, step 11 includes: when the remote authentication trigger condition is satisfied, the server generates, inside the secure memory area, a remote authentication report for that secure memory area and sends the report through the server App.
In the embodiment of the present specification, a process of generating a remote authentication report in a secure memory area is described in detail:
Step 11A: when the remote authentication trigger condition is satisfied, generate a master key pair for the secure memory area inside the secure memory area, replacing the previous master key pair; the generated master key pair comprises a first public key and a first private key. For example, the master key pair may be an RSA public/private key pair (RSA being an asymmetric cryptographic algorithm): when the remote authentication trigger condition is satisfied, the previous RSA key pair is invalidated, a new RSA key pair is generated, and the new pair becomes the master key pair of the secure memory area. Other asymmetric algorithms may of course be used in step 11A.
Step 11B: store the first private key. Specifically, the first private key is either kept directly in the secure memory area or encrypted and stored outside it, so that during the key agreement process the second key parameter sent to the client can be digitally signed with the first private key.
Specifically, to reduce the space used inside the secure memory area, the first private key is encrypted and stored outside the secure memory area, and is decrypted back into the secure memory area when it is needed.
Step 11C: publish the first public key of the master key pair, so that the client can obtain the published first public key and use it to verify the digital signature on the second key parameter during the key agreement process.
Step 11D: generate, in the secure memory area, a remote authentication report based on the first public key of the master key pair.
Specifically, a target message digest is generated from the first public key of the master key pair, and a report signature is generated for the remote authentication report; the report signature is used by the authentication server to verify the remote authentication report.
More specifically, the remote authentication report is formed by adding the target message digest generated from the first public key, together with a message digest of the code in the secure memory area, to the original report.
More specifically, the report signature is obtained by signing the remote authentication report after the target message digest and the code message digest have been added to it. The report signature is made with a root key that is published by the authentication server.
In a specific implementation, the target message digest may be obtained by applying a preset message digest algorithm directly to the first public key. Alternatively, the first public key is appended to the current public key chain to form a new public key chain, and the digest of the new public key chain is used as the target message digest.
Step 11E: send the remote authentication report to the authentication server.
Specifically, the secure memory area passes the generated remote authentication report to the server App, and the report is sent to the authentication server through this untrusted component. Because the report was signed when it was generated, its contents cannot be altered by the untrusted component (the server App). The report signature is based on a root key provided by the authentication server. If the server is an Intel SGX server, the corresponding authentication server is an IAS (Intel Attestation Service) server.
Step 12: the authentication server receives the remote authentication report sent by the server and verifies it; if the report passes verification, the authentication server returns an authentication feedback report (a Report) to the server.
The report signature of a remote authentication report is a signature based on the root key published by the authentication server, so the authentication server's verification of the report consists of checking whether the report signature was made with that root key: if so, the remote authentication report passes verification; otherwise it fails.
The authentication server adds identification information to the verified remote authentication report (the identification information indicates that the report has been verified by the authentication server), signs the report containing the identification information again, and thereby produces the authentication feedback report for that remote authentication report. The authentication server sends the authentication feedback report to the server that initiated the remote authentication report.
The authentication feedback report obtained through the remote authentication process therefore contains all the information of the remote authentication report, namely the target message digest and the message digest of the code in the secure memory area, together with the newly added identification information and the report signature for the authentication feedback report.
And step 13, the server receives and caches an authentication feedback report which is returned by the authentication server and aims at the remote authentication report.
In an optional implementation, the server may directly cache the received authentication feedback report and, when the key agreement trigger condition is satisfied, send the cached authentication feedback report to the client. In this embodiment, only one authentication feedback report is cached at the server.
To ensure that the latest authentication feedback report is cached each time, two further embodiments can be adopted:
In the first implementation, when a current authentication feedback report is received, it is compared with each authentication feedback report cached during a historical time period. If no report identical to the current one exists among the reports cached in that period, the current report is taken to be the latest authentication feedback report and is cached as the authentication feedback report for the remote authentication report; otherwise, the current authentication feedback report is discarded.
In the second implementation, applicable when the target message digest is obtained by digesting the latest public key chain, receiving and caching the authentication feedback report for the remote authentication report includes: when a current authentication feedback report is received, judging whether the message digest of the public key chain in the current report is the same as the target message digest; if so, the current report is the latest authentication feedback report and is cached as the authentication feedback report for the remote authentication report; otherwise, the current authentication feedback report is discarded.
Either implementation ensures that the currently cached authentication feedback report is the latest one and avoids caching an invalid (stale) authentication feedback report.
In a specific implementation, the remote authentication trigger condition includes one or more of the following:
1. A preset authentication time interval: the server periodically initiates a remote authentication process for the secure memory area to the authentication server according to the preset authentication time interval. It should be noted that the master key pair is a key used by the secure memory area of the server for a long time, so, provided the private key of the master key pair is not leaked, the master key pair is updated with a relatively long update period. For example, the master key pair is updated once a year, i.e. the preset authentication time interval is one year, and steps 11 to 13 are triggered: the master key pair is updated, and a remote authentication process for the secure memory area is performed based on the updated master key pair.
2. When it is monitored that information related to the first private key of the master key pair has been leaked, the server is triggered to initiate a remote authentication process for the secure memory area to the authentication server. That is, if the private key of the master key pair is leaked, steps 11 to 13 are triggered: the master key pair is updated, and a remote authentication process for the secure memory area is performed based on the updated master key pair.
In each remote authentication process, not only is the master key pair updated and authenticated, but the code in the secure memory area is also authenticated, so that the code the client expects to be executed is guaranteed to be the code actually running.
Phase one, the remote authentication process, was introduced above. After the remote authentication process is finished, the method enters phase two, the key agreement process, which may be performed multiple times. The key agreement process is described in detail below.
The client remotely authenticates the server and performs key agreement with it to negotiate a session key for communication between the client and the secure memory area of the server. Each time the key agreement trigger condition is met, the client and the secure memory area of the server perform key agreement and negotiate a session key for communication between them (a first session key with which the secure memory area receives private data from the client, and a second session key with which the client sends private data to the secure memory area; the first session key and the second session key are the same). Specifically, the key agreement process comprises the following steps 21 to 26:
Step 21: the client sends a first key parameter to the server. The client is a trusted domain, and it generates the first key parameter from a first random parameter. Specifically, the first key parameter may be computed based on ECC (elliptic curve cryptography), that is, the client generates a second ECC point multiplication result of the first random parameter as the first key parameter. Alternatively, another cryptographic algorithm may be chosen to process the first random parameter to obtain the first key parameter.
Specifically, the client generates a first random parameter and, using it as the scalar of an ECC point multiplication, multiplies a point on the elliptic curve by it to obtain a second ECC point multiplication result, which is again a point on the elliptic curve; that is, the first key parameter is a point on the elliptic curve. For example, the client randomly chooses a large integer b and computes the ECC point multiplication of b with a point G on the curve: b · G = bG. The result bG is a point on the elliptic curve, and the client sends the computed bG as the first key parameter to the secure memory area of the server.
Step 22: the server receives the first key parameter sent by the client. Specifically, the server receives the first key parameter through the server App and then passes it to the secure memory area of the server.
Step 23: the server generates a second random parameter in the secure memory area and generates a first session key from the first key parameter and the second random parameter, where the first session key is used by the secure memory area to receive private data from the client.
Specifically, the server generates a second random parameter in the secure memory area and, using it as the scalar of an ECC point multiplication, multiplies the first key parameter by it in the secure memory area to obtain a first ECC point multiplication result. A message digest of the first ECC point multiplication result is then generated in the secure memory area and used as the first session key. For example, the server randomly chooses a large integer a and computes the ECC point multiplication of a with the first key parameter bG: a · bG = abG; the digest hash(abG) obtained by digesting abG is used as the first session key for communication between the secure memory area of the server and the client, i.e. for decrypting the ciphertext sent by the client.
Step 24: in the secure memory area, the server generates a second key parameter from the second random parameter and digitally signs the second key parameter with the first private key of the master key pair.
Specifically, in the secure memory area, the second random parameter is used as the scalar of an ECC point multiplication and a point on the elliptic curve is multiplied by it, so that a third ECC point multiplication result is obtained as the second key parameter. For example, the server randomly chooses a large integer a in the secure memory area and computes the ECC point multiplication of a with the point G on the curve: a · G = aG; the result aG is used as the second key parameter. Note that the client and the server use the same point G on the elliptic curve.
Step 25: the server sends the second key parameter and the digital signature of the second key parameter to the client.
Step 26: the client verifies the digital signature of the second key parameter with the verified first public key and, after the signature verification passes, generates a second session key in the trusted domain from the second key parameter and the first random parameter, where the second session key is used to encrypt the private data when the client sends it to the secure memory area.
In a specific implementation, the server sends the cached authentication feedback report to the client. The client first verifies the report signature of the authentication feedback report; if the signature verification passes, the server that sent the report is considered trustworthy. The client then verifies the published first public key based on the authentication feedback report; if the first public key passes verification, the first public key received by the client is considered trustworthy, and the client thereby obtains the verified first public key.
Verifying the report signature of the authentication feedback report specifically means: the authentication server signs the authentication feedback report with the second private key of an external public/private key pair, so the client verifies the report signature using the second public key of that external key pair, which the authentication server has published.
Verifying the first public key based on the authentication feedback report may specifically be done in one of the following ways:
Method one, if the target message digest in the authentication feedback report is the message digest of the first public key: generate a message digest of the published first public key, obtain the target message digest from the authentication feedback report, and compare the two; if the freshly generated digest of the first public key equals the target message digest, the first public key passes verification, otherwise it fails.
Method two, if the target message digest in the authentication feedback report is the message digest of the public key chain: generate a message digest of the public key chain, obtain the target message digest from the authentication feedback report, and compare the two; if the freshly generated digest of the public key chain equals the target message digest, the public key chain passes verification, otherwise it fails. The public key at the designated position in the verified public key chain is then taken as the verified first public key. For example, if the first public key was appended as the last public key of the chain, the last public key in the verified chain is taken, i.e. the verified first public key is obtained.
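The public-key-chain variant appears twice above: on the server in the second caching implementation (keep a feedback report only when its chain digest equals the target digest) and on the client in method two (recompute the chain digest, compare with the report, take the last key of the verified chain). The following is an added example illustrating both checks together; it is not the patent's code. The report is modelled as a plain dict, the chain encoding (length-prefixed keys hashed with SHA-256) is an assumption, and the report signature is assumed to have been verified separately, so it is not modelled here.

```python
"""Constructed example: public key chain digest, server-side report caching
(second implementation) and client-side method two. Not the patent's code."""
import hashlib


def chain_digest(chain):
    """Target message digest of a public key chain (assumed encoding: each key
    is length-prefixed so that key boundaries are unambiguous)."""
    h = hashlib.sha256()
    for pub in chain:
        h.update(len(pub).to_bytes(2, "big"))
        h.update(pub)
    return h.hexdigest()


def extend_chain(chain, first_public):
    """Append the new first public key to the current chain, yielding a new chain."""
    return list(chain) + [first_public]


class ReportCache:
    """Server-side cache holding a single authentication feedback report.
    A report is kept only if its chain digest equals the current target digest."""

    def __init__(self):
        self.target_digest = None
        self.report = None

    def set_target(self, chain):
        self.target_digest = chain_digest(chain)

    def offer(self, report):
        """Return True if the report was cached, False if discarded as stale."""
        if report.get("chain_digest") != self.target_digest:
            return False
        self.report = report
        return True


def client_verify_first_public(report, published_chain):
    """Method two on the client: recompute the digest of the published chain,
    compare it with the target digest carried in the (already signature-checked)
    report, and return the last key of the verified chain, or None on mismatch."""
    if chain_digest(published_chain) != report.get("chain_digest"):
        return None
    return published_chain[-1]


# Constructed sample data: two successive master public keys (placeholder bytes).
OLD_PUB = b"\x04" + bytes(range(64))
NEW_PUB = b"\x04" + bytes(range(64, 128))


def demo():
    """Walk through a key rotation and return the four check outcomes."""
    chain_v1 = extend_chain([], OLD_PUB)
    chain_v2 = extend_chain(chain_v1, NEW_PUB)  # phase one re-run after rotation

    cache = ReportCache()
    cache.set_target(chain_v2)
    stale_report = {"chain_digest": chain_digest(chain_v1), "verified": True}
    fresh_report = {"chain_digest": chain_digest(chain_v2), "verified": True}
    kept_stale = cache.offer(stale_report)  # False: digest is for the old chain
    kept_fresh = cache.offer(fresh_report)  # True: matches the target digest

    # Client side: the chain the server publishes alongside the cached report.
    verified_pub = client_verify_first_public(cache.report, chain_v2)
    # A chain whose last key was swapped no longer matches the digest in the report.
    rejected = client_verify_first_public(cache.report, chain_v1 + [OLD_PUB])
    return kept_stale, kept_fresh, verified_pub, rejected
```

Because the digest covers the whole chain, a substituted or reordered key anywhere in the chain changes the digest, which is what lets the client trust the key at the designated position once the chain digest matches the signed report.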
The client verifies the digital signature of the second key parameter received from the server with the verified first public key and, if verification passes, generates the second session key from a fourth ECC point multiplication result between the second key parameter and the first random parameter. Continuing the earlier example, the second session key is obtained as follows: b · aG = baG, a message digest of the resulting baG is computed, and the resulting hash(baG) is used as the second session key for communication between the secure memory area of the server and the client, i.e. for encrypting the private data the client sends to the SGX server.
It should be noted that, for abG and baG obtained by ECC, a cannot be computed from G and aG, and likewise b cannot be computed from G and bG; so even an attacker who knows the first private key cannot obtain abG or baG and therefore cannot derive the first session key hash(abG) or the second session key hash(baG). Since abG and baG are the same point, their hash values are also the same. The server and the client never need to tell each other what the session key is; each only exchanges one parameter used to generate it, and the shared key (session key) is thereby negotiated. This avoids transmitting the session key over the network and prevents the session key from being exposed by a leak of the first private key, so private data encrypted with previously negotiated session keys remains safe, i.e. the forward security (forward secrecy) of the session key is ensured.
Triggering execution of phase one generates a new master key pair and invalidates the previous one, so that the long-lived master key pair can be replaced when it is determined or suspected to have leaked; triggering execution of phase two negotiates a new session key based on the long-lived master key, achieving forward security of the private data. The private data and the confidential code used in computation are thereby better protected, and user privacy is better protected.
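The exchange in steps 21 to 26 can be written out end to end. The following is an added example, not the patent's code: it implements the ECC point multiplication over secp256k1 (the patent names no curve; this is an assumption), uses ECDSA as the signature scheme for the second key parameter (the patent only says "digital signature"; also an assumption), and uses SHA-256 as the message digest. Function names such as `client_step21` and `server_steps23_25` are invented for the illustration. The `tamper` path shows why the signature matters: a second key parameter signed with anything other than the master private key is rejected by the client, so no session key is derived.

```python
"""Constructed example of the signed ECDH exchange in steps 21-26.
Not the patent's code; curve, signature scheme and names are assumptions."""
import hashlib
import secrets

# secp256k1 domain parameters (assumed curve; the patent does not name one).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point):
    """Scalar point multiplication (double-and-add): the 'ECC point multiplication'."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def encode_point(point):
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big")


def hash_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def ecdsa_sign(priv, msg):
    z = hash_int(msg)
    while True:
        k = secrets.randbelow(N - 1) + 1
        r = ec_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * priv) % N
        if r and s:
            return (r, s)


def ecdsa_verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    z = hash_int(msg)
    point = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, pub))
    return point is not None and point[0] % N == r


def master_keypair():
    """Phase one: master key pair (first private key d, first public key dG)."""
    d = secrets.randbelow(N - 1) + 1
    return d, ec_mul(d, G)


def client_step21():
    """Client picks the first random parameter b and sends bG (first key parameter)."""
    b = secrets.randbelow(N - 1) + 1
    return b, ec_mul(b, G)


def server_steps23_25(first_private, bG):
    """Enclave picks a, derives hash(abG) as the first session key,
    and signs aG (second key parameter) with the first private key."""
    a = secrets.randbelow(N - 1) + 1
    first_session_key = hashlib.sha256(encode_point(ec_mul(a, bG))).digest()
    aG = ec_mul(a, G)
    return first_session_key, aG, ecdsa_sign(first_private, encode_point(aG))


def client_step26(first_public, b, aG, signature):
    """Client checks the signature on aG with the verified first public key,
    then derives hash(baG) as the second session key; None if the check fails."""
    if not ecdsa_verify(first_public, encode_point(aG), signature):
        return None
    return hashlib.sha256(encode_point(ec_mul(b, aG))).digest()


def run_agreement(tamper=False):
    """One full exchange; returns (first_session_key, second_session_key)."""
    d, first_public = master_keypair()
    b, bG = client_step21()
    k1, aG, sig = server_steps23_25(d, bG)
    if tamper:
        # Constructed failure case: aG signed with a key other than the master key.
        other_d, _ = master_keypair()
        sig = ecdsa_sign(other_d, encode_point(aG))
    return k1, client_step26(first_public, b, aG, sig)
```

In the honest run both sides end with the same 32-byte key without it ever crossing the wire; only bG and aG are exchanged. Note that the master private key is used only to sign aG, so a later leak of it does not reveal a or b and therefore not hash(abG), which is the forward security property described above. A production implementation would use a vetted library rather than this affine arithmetic, which is neither constant-time nor hardened.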
One or more key agreement trigger conditions are provided, and when any one of them is met the key agreement process is triggered. Two examples of key agreement trigger conditions are given below:
1. A preset key agreement time interval: the server periodically triggers the key agreement process according to the preset key agreement time interval. It should be noted that the session key is the key that directly encrypts the private data, so, provided the private key of the master key pair is not exposed, the session key is updated with a short update period, for example once a week or once a day. Multiple key agreement processes are performed after one remote authentication process.
2. When it is monitored that the first private key has been leaked, the key agreement process is executed immediately after the remote authentication process is triggered and executed. In this way the key pair is regenerated after the first private key leaks; when an attacker attempts key agreement with the client based on the old first private key, the client, having already obtained the new first public key, discards the old one and cannot verify, with the new first public key, a second key parameter signed with the old first private key. This ensures the backward security of the private data.
Based on the same inventive concept, an embodiment of the present specification provides an authenticated key agreement method, which is applied to a server side that includes a secure memory area based on a trusted execution environment, and the method includes a remote authentication process and a key agreement process, where a master key pair of the secure memory area is generated in the remote authentication process, the master key pair includes a first public key and a first private key, and referring to fig. 2, the key agreement process includes:
S200: receiving a first key parameter sent by the client, where the first key parameter is generated by the client from a first random parameter;
S202: generating a second random parameter in the secure memory area, and generating a first session key from the first key parameter and the second random parameter, where the first session key is used by the secure memory area to receive private data from the client;
S204: in the secure memory area, generating a second key parameter from the second random parameter, and digitally signing the second key parameter with the first private key;
S206: sending the second key parameter and the digital signature to the client, so that the client verifies the digital signature with the verified first public key and, after the signature verification passes, generates a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send private data to the secure memory area.
In an optional implementation manner, generating the first session key according to the first key parameter and the second random parameter includes:
generating a first elliptic curve cryptography (ECC) point multiplication result between the first key parameter and the second random parameter, where the first key parameter is a second ECC point multiplication result of the first random parameter computed by the client;
and generating a message digest of the first ECC point multiplication result, and taking that message digest as the first session key.
In an optional implementation, generating the second key parameter according to the second random parameter includes:
generating a third ECC point multiplication result of the second random parameter as the second key parameter, so that the client generates the second session key from a fourth ECC point multiplication result between the second key parameter and the first random parameter.
In an alternative embodiment, the remote authentication process includes:
when the remote authentication trigger condition is met, generating a master key pair in the secure memory area, publishing the first public key, and storing the first private key at the server;
in the secure memory area, generating a remote authentication report according to the first public key;
sending the remote authentication report to the authentication server through an untrusted component of the server;
and receiving and caching an authentication feedback report for the remote authentication report, where the authentication feedback report is returned after the authentication server verifies the remote authentication report.
In an optional embodiment, generating the remote authentication report according to the first public key includes:
generating a target message digest according to a first public key in the master key pair;
and generating a report signature aiming at the remote authentication report, wherein the report signature is used for verifying the remote authentication report by an authentication server.
In an optional embodiment, receiving and caching an authentication feedback report for a remote authentication report includes:
when a current authentication feedback report is received, comparing it with each authentication feedback report cached during a historical time period;
if no report identical to the current authentication feedback report exists among the reports cached in that period, the current report is the latest authentication feedback report and is cached as the authentication feedback report for the remote authentication report; otherwise, the current authentication feedback report is discarded.
In an optional implementation, generating the target message digest according to the first public key in the master key pair includes:
adding the first public key to the current public key chain to form a new public key chain;
performing digest processing on the new public key chain to obtain a target message digest;
receiving and caching an authentication feedback report for a remote authentication report, comprising:
when a current authentication feedback report is received, judging whether the message digest of the public key chain in the current authentication feedback report is the same as the target message digest, and if so, caching the current authentication feedback report as an authentication feedback report aiming at a remote authentication report; otherwise, discarding the current authentication feedback report.
In an optional implementation manner, when it is monitored that the key agreement trigger condition is satisfied, a key agreement process is triggered to be executed, and the cached authentication feedback report is sent to the client in the key agreement process, so that the client verifies the first public key based on the authentication feedback report.
Based on the same inventive concept, an embodiment of the present specification provides an authenticated key agreement method, which is applied to a client, where the client establishes a communication connection with a server, and the server includes a secure memory area based on a trusted execution environment, and the method includes a remote authentication process and a key agreement process, where a master key pair of the secure memory area is generated in the remote authentication process, the master key pair includes a first public key and a first private key, and referring to fig. 3, the key agreement process includes:
S300: generating a first random parameter, and generating a first key parameter from the first random parameter;
S302: sending the first key parameter to the server, so that the server generates a first session key in the secure memory area from the first key parameter and a second random parameter, where the first session key is used by the secure memory area to receive private data from the client;
S304: receiving a second key parameter and a digital signature sent by the server, where the second key parameter is generated by the server from the second random parameter, and the digital signature is the server's signature on the second key parameter with the first private key;
S306: verifying the digital signature with the verified first public key and, if the digital signature passes verification, generating a second session key from the second key parameter and the first random parameter, where the second session key is used by the client to send private data to the secure memory area.
In an optional implementation, generating the first key parameter according to the first random parameter includes:
generating a second ECC point multiplication result of the first random parameter as the first key parameter, so that the server generates the first session key from a first ECC point multiplication result between the first key parameter and the second random parameter, where the second random parameter is generated by the server in the secure memory area.
In an optional implementation manner, generating the second session key according to the second key parameter and the first random parameter includes:
generating a fourth ECC point multiplication result between the second key parameter and the first random parameter, where the second key parameter is a third ECC point multiplication result of the second random parameter computed by the server;
and generating a message digest of the fourth ECC point multiplication result as the second session key.
In an optional implementation manner, before verifying the digital signature according to the first public key that passes the verification, the method further includes:
when an authentication feedback report sent by a server is received, verifying the authentication feedback report;
and if the authentication feedback report passes the verification, verifying the first public key according to the authentication feedback report to obtain the first public key passing the verification.
Based on the same inventive concept, an embodiment of this specification provides an authenticated key agreement device, which is applied to a server, where the server includes a secure memory area based on a trusted execution environment, and the device is configured to perform a remote authentication process and a key agreement process, where a master key pair of the secure memory area is generated in the remote authentication process, the master key pair includes a first public key and a first private key, and as shown in fig. 4, a part of the device configured to perform the key agreement process includes:
a first receiving unit 401, configured to receive a first key parameter sent by a client, where the first key parameter is generated by the client according to a first random parameter;
a first key generation unit 402, configured to generate a second random parameter in the secure memory area, and generate a first session key according to the first key parameter and the second random parameter, where the first session key is used for the secure memory area to receive private data from the client;
a first parameter generating unit 403, configured to generate a second key parameter according to a second random parameter in the secure memory area;
a first signature unit 404, configured to digitally sign the second key parameter according to the first private key;
the first sending unit 405 is configured to send the second key parameter and the digital signature to the client, so that the client verifies the digital signature based on the first public key that passes the verification, and after the digital signature passes the verification, a second session key is generated according to the second key parameter and the first random parameter, where the second session key is used for the client to send the private data to the secure memory area.
In an optional implementation manner, the first key generating unit 402 is specifically configured to:
generating a first elliptic curve cryptography (ECC) point multiplication result between the first key parameter and the second random parameter, where the first key parameter is a second ECC point multiplication result of the first random parameter computed by the client;
and generating a message digest of the first ECC point multiplication result, and taking that message digest as the first session key.
In an optional implementation manner, the first parameter generating unit 403 is specifically configured to:
generating a third ECC point multiplication result of the second random parameter as the second key parameter, so that the client generates the second session key from a fourth ECC point multiplication result between the second key parameter and the first random parameter.
Based on the same inventive concept, an embodiment of this specification provides an authenticated key agreement apparatus, which is applied to a client, where the client establishes a communication connection with a server, the server includes a secure memory area based on a trusted execution environment, and the apparatus is configured to execute a remote authentication process and a key agreement process, where a master key pair of the secure memory area is generated in the remote authentication process, the master key pair includes a first public key and a first private key, and referring to fig. 5, a part of the apparatus configured to execute the key agreement process includes:
a second parameter generating unit 501, configured to generate a first random parameter, and generate a first key parameter according to the first random parameter;
a second sending unit 502, configured to send the first key parameter to the server, so that the server generates a first session key in the secure memory area according to the first key parameter and the second random parameter, where the first session key is used for the secure memory area to receive private data from the client;
a second receiving unit 503, configured to receive a second key parameter and a digital signature sent by the server, where the second key parameter is generated by the server according to a second random parameter, and the digital signature is a signature of the server on the second key parameter according to the first private key;
the second key generation unit 504 is configured to verify the digital signature according to the first public key that passes the verification, and if the digital signature passes the verification, generate a second session key according to a second key parameter and the first random parameter, where the second session key is used by the client to send the private data to the secure memory area.
In an optional implementation manner, the second parameter generating unit 501 is specifically configured to:
generating a second ECC point multiplication result of the first random parameter as the first key parameter, so that the server generates the first session key from a first ECC point multiplication result between the first key parameter and the second random parameter, where the second random parameter is generated by the server in the secure memory area.
In an optional implementation manner, the second key generating unit 504 is specifically configured to:
generating a fourth ECC point multiplication result between the second key parameter and the first random parameter, where the second key parameter is a third ECC point multiplication result of the second random parameter computed by the server;
and generating a message digest of the fourth ECC point multiplication result as the second session key.
With regard to the above apparatus, the specific functions of the respective modules have been described in detail in the embodiments of the authenticated key agreement system provided in this specification and will not be elaborated here.
Based on the same inventive concept as the authenticated key agreement method in the foregoing embodiment, the present specification further provides an electronic device, as shown in fig. 6, including a memory 604, a processor 602, and a computer program stored in the memory 604 and executable on the processor 602, where the processor 602 executes the computer program to implement the steps of any of the foregoing authenticated key agreement methods.
Where in fig. 6 a bus architecture (represented by bus 600) is shown, bus 600 may include any number of interconnected buses and bridges, and bus 600 links together various circuits including one or more processors, represented by processor 602, and memory, represented by memory 604. The bus 600 may also link together various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface 606 provides an interface between the bus 600 and the receiver 601 and transmitter 603. The receiver 601 and the transmitter 603 may be the same element, i.e., a transceiver, providing a means for communicating with various other apparatus over a transmission medium. The processor 602 is responsible for managing the bus 600 and general processing, and the memory 604 may be used for storing data used by the processor 602 in performing operations.
Based on the same inventive concept as the authenticated key agreement method in the foregoing embodiments, the present specification further provides a computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the steps of any of the foregoing authenticated key agreement methods.
The description has been presented with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present specification have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all changes and modifications that fall within the scope of the specification.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present specification without departing from the spirit and scope of the specification. Thus, if such modifications and variations of the present specification fall within the scope of the claims of the present specification and their equivalents, the specification is intended to include such modifications and variations.

Claims (21)

1. An authenticated key agreement method, applied to a server, the server comprising a secure memory area based on a trusted execution environment, the method comprising a remote authentication process and a key agreement process, wherein a master key pair of the secure memory area is generated in the remote authentication process, the master key pair comprising a first public key and a first private key; the key agreement process is triggered and executed periodically whenever it is monitored that a preset key agreement time interval has elapsed, and, when it is monitored that the first private key has been leaked, the key agreement process is triggered and executed after the remote authentication process has been triggered and executed; the key agreement process comprises:
receiving a first key parameter sent by a client, wherein the first key parameter is generated by the client from a first random parameter and is a second elliptic curve cryptography (ECC) point multiplication result of the first random parameter;
generating a second random parameter in the secure memory area, and generating a first session key from the first key parameter and the second random parameter, wherein the first session key is used by the secure memory area to receive private data from the client;
in the secure memory area, generating a second key parameter from the second random parameter, and digitally signing the second key parameter with the first private key, wherein the second key parameter is a third ECC point multiplication result of the second random parameter;
and sending the second key parameter and the digital signature to the client, so that the client verifies the digital signature with the first public key that has itself passed verification and, after the digital signature passes verification, generates a second session key from the second key parameter and the first random parameter, wherein the second session key is used by the client to send the private data to the secure memory area.
2. The method of claim 1, wherein the generating a first session key from the first key parameter and the second random parameter comprises:
generating a first ECC point multiplication result between the first key parameter and the second random parameter, wherein the first key parameter is the second ECC point multiplication result computed by the client from the first random parameter;
and generating a message digest of the first ECC point multiplication result, and taking that message digest as the first session key.
3. The method of claim 1, wherein the generating a second key parameter from the second random parameter comprises:
generating a third ECC point multiplication result of the second random parameter as the second key parameter, so that the client generates the second session key from a fourth ECC point multiplication result between the second key parameter and the first random parameter.
4. The method of claim 1, wherein the remote authentication process comprises:
when a remote authentication trigger condition is met, generating the master key pair in the secure memory area, publishing the first public key and keeping the first private key on the server;
in the secure memory area, generating a remote authentication report from the first public key;
sending the remote authentication report to an authentication server through an untrusted component of the server;
and receiving and caching an authentication feedback report for the remote authentication report, wherein the authentication feedback report is returned by the authentication server after it verifies the remote authentication report.
5. The method of claim 4, the generating a remote authentication report from the first public key comprising:
generating a target message digest according to the first public key in the master key pair;
generating the remote authentication report according to the target message digest, and generating a report signature for the remote authentication report, the report signature being used for the authentication server to verify the remote authentication report.
6. The method of claim 4, wherein the receiving and caching an authentication feedback report for the remote authentication report comprises:
when a current authentication feedback report is received, comparing the current authentication feedback report with each authentication feedback report cached over a historical period;
if none of the authentication feedback reports cached over the historical period is identical to the current authentication feedback report, and the current authentication feedback report is indicated to be the latest authentication feedback report, caching the current authentication feedback report as the authentication feedback report for the remote authentication report; otherwise, discarding the current authentication feedback report.
7. The method of claim 5, wherein
the generating a target message digest according to the first public key in the master key pair comprises:
adding the first public key to the current public key chain to form a new public key chain;
performing digest processing on the new public key chain to obtain the target message digest;
and the receiving and caching an authentication feedback report for the remote authentication report comprises:
when a current authentication feedback report is received, judging whether the message digest of the public key chain carried in the current authentication feedback report is identical to the target message digest; if so, caching the current authentication feedback report as the authentication feedback report for the remote authentication report; otherwise, discarding the current authentication feedback report.
8. The method according to any one of claims 4 to 7, wherein the key agreement process is triggered and executed upon monitoring that a key agreement trigger condition is met, and the cached authentication feedback report is sent to the client in the key agreement process, so that the client verifies the first public key based on the authentication feedback report.
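The remote authentication process of claims 4 to 8, as an added example in Go that is not code from the patent or from the applicant: the enclave side generates a master key pair, appends the public key to the public key chain and hashes the chain to the target message digest (claims 5 and 7), then accepts or discards each authentication feedback report by comparing its chain digest with the target and rejecting duplicates and stale reports (claims 6 and 7). The report signature, the authentication server and the wire format of the feedback report are not modelled; the FeedbackReport fields, the Serial counter used for the "latest" check, and the length-prefixed chain hashing are assumptions of this example, as is the choice of P-256.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"fmt"
)

// FeedbackReport is the authentication server's reply to one remote
// authentication report. The claims only say it carries the message digest of
// the public key chain the server verified; the field layout and the Serial
// counter (assumed to be issued monotonically) are assumptions of this example.
type FeedbackReport struct {
	ChainDigest [32]byte
	Serial      uint64
}

// AttestationState is what the enclave keeps across master key rotations.
type AttestationState struct {
	chain  [][]byte         // DER-encoded master public keys, oldest first
	target [32]byte         // target message digest of the current chain (claim 7)
	cache  []FeedbackReport // feedback reports accepted so far (claim 6)
}

// ChainDigest hashes the public key chain with a length prefix per element,
// so two different chains cannot collide by re-splitting the same bytes.
func ChainDigest(chain [][]byte) [32]byte {
	h := sha256.New()
	var n [8]byte
	for _, pub := range chain {
		binary.BigEndian.PutUint64(n[:], uint64(len(pub)))
		h.Write(n[:])
		h.Write(pub)
	}
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// RotateMasterKey is the key-generation step of the remote authentication
// process: a fresh master key pair is generated, its public key is appended to
// the chain, and the target digest is recomputed. It runs on the initial
// trigger and again whenever the first private key is considered leaked.
// The returned private key must never leave the secure memory area.
func (s *AttestationState) RotateMasterKey() (*ecdsa.PrivateKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(&k.PublicKey)
	if err != nil {
		return nil, err
	}
	s.chain = append(s.chain, der)
	s.target = ChainDigest(s.chain)
	return k, nil
}

// Target returns the digest the remote authentication report is built from.
func (s *AttestationState) Target() [32]byte { return s.target }

// AcceptFeedback applies the checks of claims 6 and 7 to an incoming feedback
// report: its chain digest must equal the current target, it must not repeat
// a cached report, and it must be newer than everything cached. Only then is
// it cached for forwarding to clients; otherwise it is discarded.
func (s *AttestationState) AcceptFeedback(r FeedbackReport) bool {
	if r.ChainDigest != s.target {
		return false // feedback for an older chain, e.g. one ending in a leaked key
	}
	for _, old := range s.cache {
		if old == r {
			return false // replay of a report already cached
		}
		if old.Serial >= r.Serial {
			return false // not the latest report
		}
	}
	s.cache = append(s.cache, r)
	return true
}

// LatestFeedback is what the server sends the client at the start of key
// agreement (claim 8); ok is false while nothing valid has been cached.
func (s *AttestationState) LatestFeedback() (r FeedbackReport, ok bool) {
	if len(s.cache) == 0 {
		return r, false
	}
	return s.cache[len(s.cache)-1], true
}

func main() {
	var s AttestationState
	if _, err := s.RotateMasterKey(); err != nil {
		panic(err)
	}
	r := FeedbackReport{ChainDigest: s.Target(), Serial: 1}
	fmt.Println("first feedback accepted:", s.AcceptFeedback(r))
	fmt.Println("replayed feedback accepted:", s.AcceptFeedback(r))
}
```

The point of binding the feedback to a digest of the whole chain rather than to the newest key alone is that a report issued for the chain as it stood before a leak-triggered rotation can never be presented as current: once the chain grows, every earlier digest stops matching the target and is discarded by the first check.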
9. An authenticated key agreement method, applied to a client that has established a communication connection with a server, the server comprising a secure memory area based on a trusted execution environment, the method comprising a remote authentication process and a key agreement process, wherein a master key pair of the secure memory area is generated in the remote authentication process, the master key pair comprising a first public key and a first private key; the key agreement process is triggered and executed periodically whenever it is monitored that a preset key agreement time interval has elapsed, and, when it is monitored that the first private key has been leaked, the key agreement process is triggered and executed after the remote authentication process has been triggered and executed; the key agreement process comprises:
generating a first random parameter, and generating a first key parameter from the first random parameter, wherein the first key parameter is a second elliptic curve cryptography (ECC) point multiplication result of the first random parameter;
sending the first key parameter to the server, so that the server generates a first session key in the secure memory area from the first key parameter and a second random parameter, wherein the first session key is used by the secure memory area to receive private data from the client;
receiving a second key parameter and a digital signature sent by the server, wherein the second key parameter is generated by the server from the second random parameter and is a third ECC point multiplication result of the second random parameter, and the digital signature is the server's signature over the second key parameter with the first private key;
and verifying the digital signature with the first public key that has itself passed verification, and, if the digital signature passes verification, generating a second session key from the second key parameter and the first random parameter, wherein the second session key is used by the client to send the private data to the secure memory area.
10. The method of claim 9, wherein the generating a first key parameter from the first random parameter comprises:
generating a second ECC point multiplication result of the first random parameter as the first key parameter, so that the server generates the first session key from the first ECC point multiplication result between the first key parameter and the second random parameter, wherein the second random parameter is generated by the server in the secure memory area.
11. The method of claim 9, wherein the generating a second session key from the second key parameter and the first random parameter comprises:
generating a fourth ECC point multiplication result between the second key parameter and the first random parameter, wherein the second key parameter is the third ECC point multiplication result computed by the server from the second random parameter;
and generating a message digest of the fourth ECC point multiplication result as the second session key.
12. The method of claim 9, further comprising, before the verifying the digital signature according to the verified first public key:
when an authentication feedback report sent by the server side is received, verifying the authentication feedback report;
and if the authentication feedback report passes the verification, verifying the first public key according to the authentication feedback report to obtain the first public key passing the verification.
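The key agreement process of claims 1 to 3 (server side) and claims 9 to 12 (client side), as an added example in Go using only the standard library; this is not code from the patent or from the applicant. The client sends a*G; the enclave picks b inside the secure memory area, derives the first session key as SHA-256 of the shared point, and returns b*G signed with the master private key; the client checks that signature against the already-verified first public key before it derives the second session key. P-256, ECDSA over SHA-256 and the uncompressed point encoding are assumptions (the claims name no curve or signature scheme), crypto/ecdh yields the x-coordinate of the product point and that is what is hashed here, and the remote authentication process is reduced to generating the master key pair.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Enclave models the server's secure memory area: the master private key and
// the second random parameter exist only here.
type Enclave struct{ master *ecdsa.PrivateKey }

// NewEnclave reduces the remote authentication process to generating the
// master key pair; attestation of the public key is not modelled here.
func NewEnclave() (*Enclave, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Enclave{master: k}, nil
}

// MasterPublicKey is the "first public key"; a client must have verified it via
// the attestation feedback report before trusting signatures made with it.
func (e *Enclave) MasterPublicKey() *ecdsa.PublicKey { return &e.master.PublicKey }

// ServerKeyAgreement is the server half of the key agreement process. firstKeyParam
// is the client's a*G as an uncompressed P-256 point. It returns the second key
// parameter b*G, the ECDSA signature over it, and the first session key
// SHA-256(b*(a*G)); crypto/ecdh yields the x-coordinate of that product.
func (e *Enclave) ServerKeyAgreement(firstKeyParam []byte) (secondKeyParam, sig []byte, sessionKey [32]byte, err error) {
	curve := ecdh.P256()
	clientPoint, err := curve.NewPublicKey(firstKeyParam) // rejects points not on the curve
	if err != nil {
		return nil, nil, sessionKey, fmt.Errorf("first key parameter: %w", err)
	}
	b, err := curve.GenerateKey(rand.Reader) // second random parameter, made in the enclave
	if err != nil {
		return nil, nil, sessionKey, err
	}
	shared, err := b.ECDH(clientPoint) // first ECC point multiplication result
	if err != nil {
		return nil, nil, sessionKey, err
	}
	sessionKey = sha256.Sum256(shared)
	secondKeyParam = b.PublicKey().Bytes() // third ECC point multiplication result b*G
	digest := sha256.Sum256(secondKeyParam)
	sig, err = ecdsa.SignASN1(rand.Reader, e.master, digest[:]) // signed with the first private key
	if err != nil {
		return nil, nil, sessionKey, err
	}
	return secondKeyParam, sig, sessionKey, nil
}

// Client keeps the first random parameter a between its two messages.
type Client struct{ a *ecdh.PrivateKey }

// ClientStart generates a and returns the first key parameter a*G.
func ClientStart() (*Client, []byte, error) {
	a, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Client{a: a}, a.PublicKey().Bytes(), nil
}

// ClientFinish checks the signature with the verified first public key and only
// then derives the second session key SHA-256(a*(b*G)).
func (c *Client) ClientFinish(verifiedPub *ecdsa.PublicKey, secondKeyParam, sig []byte) ([32]byte, error) {
	var key [32]byte
	digest := sha256.Sum256(secondKeyParam)
	if !ecdsa.VerifyASN1(verifiedPub, digest[:], sig) {
		return key, fmt.Errorf("signature on second key parameter does not verify")
	}
	serverPoint, err := ecdh.P256().NewPublicKey(secondKeyParam)
	if err != nil {
		return key, fmt.Errorf("second key parameter: %w", err)
	}
	shared, err := c.a.ECDH(serverPoint) // fourth ECC point multiplication result
	if err != nil {
		return key, err
	}
	return sha256.Sum256(shared), nil
}

func main() {
	e, err := NewEnclave()
	if err != nil {
		panic(err)
	}
	c, first, _ := ClientStart()
	second, sig, k1, err := e.ServerKeyAgreement(first)
	if err != nil {
		panic(err)
	}
	k2, err := c.ClientFinish(e.MasterPublicKey(), second, sig)
	fmt.Println("session keys match:", err == nil && k1 == k2)
}
```

Two properties of the claimed exchange show up directly in the code: only the enclave signs, so the exchange authenticates the server to the client and not the client to the server, and the signature covers b*G alone, so a client that skips the attestation check on the first public key has nothing to tie b*G to a genuine enclave. Both sides also reject a key parameter that is not a valid curve point before any secret is derived.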
13. An authenticated key agreement device, applied to a server, the server comprising a secure memory area based on a trusted execution environment, the device being configured to execute a remote authentication process and a key agreement process, wherein a master key pair of the secure memory area is generated in the remote authentication process, the master key pair comprising a first public key and a first private key; the device triggers and executes the key agreement process periodically upon monitoring that a preset key agreement time interval has elapsed, and, upon monitoring that the first private key has been leaked, triggers and executes the remote authentication process and then the key agreement process; the part of the device that executes the key agreement process comprises:
a first receiving unit, configured to receive a first key parameter sent by a client, wherein the first key parameter is generated by the client from a first random parameter and is a second elliptic curve cryptography (ECC) point multiplication result of the first random parameter;
a first key generation unit, configured to generate a second random parameter in the secure memory area, and to generate a first session key from the first key parameter and the second random parameter, wherein the first session key is used by the secure memory area to receive private data from the client;
a first parameter generation unit, configured to generate, in the secure memory area, a second key parameter from the second random parameter, wherein the second key parameter is a third ECC point multiplication result of the second random parameter;
a first signature unit, configured to digitally sign the second key parameter with the first private key;
and a first sending unit, configured to send the second key parameter and the digital signature to the client, so that the client verifies the digital signature with the first public key that has itself passed verification and, after the digital signature passes verification, generates a second session key from the second key parameter and the first random parameter, wherein the second session key is used by the client to send the private data to the secure memory area.
14. The device of claim 13, wherein the first key generation unit is specifically configured to:
generate a first ECC point multiplication result between the first key parameter and the second random parameter, wherein the first key parameter is the second ECC point multiplication result computed by the client from the first random parameter;
and generate a message digest of the first ECC point multiplication result, and take that message digest as the first session key.
15. The device of claim 13, wherein the first parameter generation unit is specifically configured to:
generate a third ECC point multiplication result of the second random parameter as the second key parameter, so that the client generates the second session key from a fourth ECC point multiplication result between the second key parameter and the first random parameter.
16. An authenticated key agreement device, applied to a client that has established a communication connection with a server, the server comprising a secure memory area based on a trusted execution environment, the device being configured to execute a remote authentication process and a key agreement process, wherein a master key pair of the secure memory area is generated in the remote authentication process, the master key pair comprising a first public key and a first private key; the device triggers and executes the key agreement process periodically upon monitoring that a preset key agreement time interval has elapsed, and, upon monitoring that the first private key has been leaked, triggers and executes the remote authentication process and then the key agreement process; the part of the device that executes the key agreement process comprises:
a second parameter generation unit, configured to generate a first random parameter and to generate a first key parameter from the first random parameter, wherein the first key parameter is a second elliptic curve cryptography (ECC) point multiplication result of the first random parameter;
a second sending unit, configured to send the first key parameter to the server, so that the server generates a first session key in the secure memory area from the first key parameter and a second random parameter, wherein the first session key is used by the secure memory area to receive private data from the client;
a second receiving unit, configured to receive a second key parameter and a digital signature sent by the server, wherein the second key parameter is generated by the server from the second random parameter and is a third ECC point multiplication result of the second random parameter, and the digital signature is the server's signature over the second key parameter with the first private key;
and a second key generation unit, configured to verify the digital signature with the first public key that has itself passed verification and, if the digital signature passes verification, to generate a second session key from the second key parameter and the first random parameter, wherein the second session key is used by the client to send the private data to the secure memory area.
17. The device of claim 16, wherein the second parameter generation unit is specifically configured to:
generate a second ECC point multiplication result of the first random parameter as the first key parameter, so that the server generates the first session key from the first ECC point multiplication result between the first key parameter and the second random parameter, wherein the second random parameter is generated by the server in the secure memory area.
18. The device of claim 16, wherein the second key generation unit is specifically configured to:
generate a fourth ECC point multiplication result between the second key parameter and the first random parameter, wherein the second key parameter is the third ECC point multiplication result computed by the server from the second random parameter;
and generate a message digest of the fourth ECC point multiplication result as the second session key.
19. An authenticated key agreement system, comprising a client and a server, the server comprising a secure memory area based on a trusted execution environment, the system being configured to execute a remote authentication process and a key agreement process, wherein a master key pair of the secure memory area is generated in the remote authentication process, the master key pair comprising a first public key and a first private key; the client and/or the server triggers and executes the key agreement process periodically upon monitoring that a preset key agreement time interval has elapsed, and, upon monitoring that the first private key has been leaked, triggers and executes the remote authentication process and then the key agreement process; in executing the key agreement process:
the client is configured to generate a first key parameter from a first random parameter and to send the first key parameter to the server, wherein the first key parameter is a second elliptic curve cryptography (ECC) point multiplication result of the first random parameter;
the server is configured to perform the following operations in the secure memory area: generating a second random parameter, generating a first session key from the first key parameter and the second random parameter, generating a second key parameter from the second random parameter, wherein the second key parameter is a third ECC point multiplication result of the second random parameter, digitally signing the second key parameter with the first private key, and sending the second key parameter and the digital signature to the client, wherein the first session key is used by the secure memory area to receive private data from the client, and the secure memory area is the memory area based on a trusted execution environment that the server comprises;
and the client is further configured to verify the digital signature with the first public key that has itself passed verification and, after the digital signature passes verification, to generate a second session key from the second key parameter and the first random parameter, wherein the second session key is used by the client to send the private data to the secure memory area.
20. An electronic device comprising a memory and a processor, wherein a computer program operable on the processor is stored in the memory, and wherein the processor implements the steps of the method of any of claims 1-12 when executing the computer program.
21. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 12.
CN201911327323.0A 2019-12-20 2019-12-20 Authentication key negotiation method, device, storage medium and equipment Active CN110890962B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201911327323.0A CN110890962B (en) 2019-12-20 2019-12-20 Authentication key negotiation method, device, storage medium and equipment
PCT/CN2020/124416 WO2021120871A1 (en) 2019-12-20 2020-10-28 Authentication key negotiation method and apparatus, storage medium and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911327323.0A CN110890962B (en) 2019-12-20 2019-12-20 Authentication key negotiation method, device, storage medium and equipment

Publications (2)

Publication Number Publication Date
CN110890962A CN110890962A (en) 2020-03-17
CN110890962B true CN110890962B (en) 2021-04-13

Family

ID=69752673

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911327323.0A Active CN110890962B (en) 2019-12-20 2019-12-20 Authentication key negotiation method, device, storage medium and equipment

Country Status (2)

Country Link
CN (1) CN110890962B (en)
WO (1) WO2021120871A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110890962B (en) * 2019-12-20 2021-04-13 支付宝(杭州)信息技术有限公司 Authentication key negotiation method, device, storage medium and equipment
CN111614686B (en) * 2020-05-26 2023-01-17 牛津(海南)区块链研究院有限公司 Key management method, controller and system
CN114006691B (en) * 2020-07-13 2023-02-28 华为技术有限公司 Method and device for remote attestation
CN112000493B (en) * 2020-08-24 2023-04-18 成都卫士通信息产业股份有限公司 Data processing system, method, electronic device and storage medium
CN112784249B (en) * 2021-01-25 2024-03-22 公安部第三研究所 Method, system, processor and computer readable storage medium for implementing mobile terminal authentication processing under no-identification condition
CN113849815B (en) * 2021-08-26 2022-04-22 兰州大学 Unified identity authentication platform based on zero trust and confidential calculation
CN114553412B (en) * 2022-02-28 2024-02-23 百果园技术(新加坡)有限公司 Data transmission method, device, equipment and storage medium
CN117235693B (en) * 2023-11-14 2024-02-02 杭州安恒信息技术股份有限公司 Trusted authentication and secure channel establishment method of trusted execution environment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106571912A (en) * 2016-10-31 2017-04-19 全球能源互联网研究院 Two-side authentication method for power system
WO2019120317A2 (en) * 2019-03-26 2019-06-27 Alibaba Group Holding Limited Program execution and data proof scheme using multiple key pair signatures
WO2019137564A2 (en) * 2019-04-26 2019-07-18 Alibaba Group Holding Limited Securely executing smart contract operations in a trusted execution environment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101425897B (en) * 2007-10-29 2011-05-18 上海交通大学 Customer authentication method, system, server and customer node
CN103298157A (en) * 2013-06-19 2013-09-11 中国地质大学(武汉) Data safety intelligent transmission system for wireless internet of things
CN108462689B (en) * 2017-02-22 2022-04-01 英特尔公司 Techniques for remote SGX enclave authentication
US10726132B2 (en) * 2018-03-08 2020-07-28 Hewlett Packard Enterprise Development Lp Enclave launch and authentication
CN110011801B (en) * 2018-11-16 2020-10-20 创新先进技术有限公司 Remote certification method and device for trusted application program and electronic equipment
CN110890962B (en) * 2019-12-20 2021-04-13 支付宝(杭州)信息技术有限公司 Authentication key negotiation method, device, storage medium and equipment


Also Published As

Publication number Publication date
CN110890962A (en) 2020-03-17
WO2021120871A1 (en) 2021-06-24

Similar Documents

Publication Publication Date Title
CN110890962B (en) Authentication key negotiation method, device, storage medium and equipment
US10652015B2 (en) Confidential communication management
CN109600350B (en) System and method for secure communication between controllers in a vehicle network
CN109309565B (en) Security authentication method and device
CN109034796B (en) Alliance chain-based transaction supervision method, electronic device and readable storage medium
US20180131511A1 (en) Systems and Methods for Dynamic Cypher Key Management
CN106788989B (en) Method and equipment for establishing secure encrypted channel
AU2016287732A1 (en) Mutual authentication of confidential communication
JP2012050066A (en) Secure field-programmable gate array (fpga) architecture
CN106941404B (en) Key protection method and device
TW202015378A (en) Cryptographic operation method, method for creating work key, and cryptographic service platform and device
KR101608815B1 (en) Method and system for providing service encryption in closed type network
JP2022521525A (en) Cryptographic method for validating data
CN115065472B (en) Security chip encryption and decryption method and device based on multi-key encryption and decryption
CN109005184A (en) File encrypting method and device, storage medium, terminal
CN110383755B (en) Network device and trusted third party device
CN114143117A (en) Data processing method and device
US11153344B2 (en) Establishing a protected communication channel
US20230299971A1 (en) Data protection apparatus, electronic apparatus, method, and storage medium
CN114785527B (en) Data transmission method, device, equipment and storage medium
CN114866244A (en) Controllable anonymous authentication method, system and device based on ciphertext block chaining encryption
CN115344882A (en) Multi-party computing method, device and storage medium based on trusted computing environment
CN110572257A (en) Anti-quantum computing data source identification method and system based on identity
CN112702420B (en) Processing method and system for online and offline data interaction
CN113676462B (en) Key distribution and decryption method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant