CN110912686A - Secure channel key negotiation method and system - Google Patents
Secure channel key negotiation method and system Download PDFInfo
- Publication number
- CN110912686A CN110912686A CN201910978196.4A CN201910978196A CN110912686A CN 110912686 A CN110912686 A CN 110912686A CN 201910978196 A CN201910978196 A CN 201910978196A CN 110912686 A CN110912686 A CN 110912686A
- Authority
- CN
- China
- Prior art keywords
- terminal
- key
- authentication server
- authentication code
- temporary public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method and a system for negotiating a secret key of a secure channel.A certification server generates a first random number and a corresponding first temporary public key, sends the first temporary public key to a first terminal which trusts with each other, and sends the first random number to a second terminal which trusts with each other, wherein the first terminal is a data security device, and the second terminal is a non-data security device; the first terminal generates a second random number and a corresponding second temporary public key, and the second temporary public key is sent to the second terminal through the authentication server; the first terminal and the second terminal negotiate a secret key of a secure channel between the first terminal and the second terminal according to respective random numbers and the temporary public key; the first terminal and the second terminal negotiate together to obtain a key for realizing a high-reliability data security channel between the first terminal and the second terminal, so that the security of communication between the first terminal (such as a payment terminal) and the second terminal (such as a mobile terminal) is improved.
Description
Technical Field
The present invention relates to the field of data security communication, and in particular, to a method and a system for negotiating a secret key of a secure channel.
Background
In the prior art, in order to realize secure communication between two terminals, a data secure channel is generally established between the two terminals. There are many schemes for implementing the data security channel, and taking the RSA-based key agreement protocol as an example, a typical process for establishing the security channel is that two communicating parties (assumed to be party a and party B) respectively store a root public key certificate capable of authenticating the public key certificate of the other party, and the two communicating parties also respectively and securely store a pair of public and private key pairs representing their identities. The two parties send their own public key certificates to the other party, and the other party verifies the identity of the public key certificate by using the root public key certificate stored in advance. After the verification is passed, if the scheme is the RSA key agreement scheme, the following principle is followed: if party a passes the certificate verification operation of party B, party a transfers a set of random numbers (for example, three random numbers, each of which is 16 bytes and is denoted as RNDA1, RNDA2, RNDA3) to party B by using its own private key and the public key provided by party B, and party B uses the received public key of party a and its own private key to perform secure decryption to obtain the plaintext of RNDA1, RNDA2, RNDA 3. In a similar manner, party B also generates a set of random numbers RNDB1, RNDB2, RNDB3, which are securely delivered to party a. Party A and party B use the two groups of random numbers to be respectively subjected to XOR, so that three keys are synchronized: one both for the data encryption key of the message transmission, one a-party for the MAC key of the MAC check code of the message transferred from the a-party to the B-party, and one B-party for the MAC key of the MAC check code of the message transferred from the B-party to the a-party. The purpose of these three keys is: if the A party wants to transmit the message to the B party, the data encryption key can be used for encrypting the whole message, then the MAC code of the encrypted message is calculated by the MAC key from the A party to the B party, and the MAC code and the encrypted message are transmitted to the B party together. And the party B firstly verifies the MAC code by using the MAC key, and then decrypts the message by using the data encryption key after the MAC code is verified to be correct, so as to obtain a plaintext.
In the above key negotiation scheme, the key point of the negotiation scheme is that both communication parties need to respectively and safely store a pair of public and private key pairs representing respective identities in advance, and the public key certificate needs to be issued and approved by a third party trust authority, and the private key needs to be stored in respective terminals for a long time.
However, many existing usage scenarios involve communication between a secure Payment Terminal and a common mobile Terminal, where a Secure Payment Terminal (SPT) side may safely store a key required for identity authentication due to a Security module; but the other party of communication is a common mobile terminal, and a trusted security module is not necessarily provided for storing the secret key for identity authentication. This key for authentication on the side of the normal mobile terminal can only be saved in the normal area (insecure area) of the mobile terminal. In this case, the trust mechanism of the secure channel is destroyed once such keys are revealed or attacked. Therefore, the payment security terminal may not trust the mobile terminal because the general mobile terminal does not have the security module. Of course, third party trust authorities or payment platforms are also willing to issue such certificates to ordinary mobile terminals that do not have a secure trusted environment. Therefore, in the application scenario, only one secure channel for one-way authentication of the payment terminal side by the common mobile terminal can be established, and the security strength is not high.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the method and the system for negotiating the key of the secure channel can improve the security of communication between the payment terminal and the mobile terminal.
In order to solve the technical problems, the invention adopts a technical scheme that:
a method for negotiating a key of a secure channel includes:
s1, the authentication server generates a first random number and a corresponding first temporary public key, the first temporary public key is sent to a first terminal which is mutually trusted with the first temporary public key, the first random number is sent to a second terminal which is mutually trusted with the first random number, the first terminal is a data security device, and the second terminal is a non-data security device;
s2, the first terminal generates a second random number and a corresponding second temporary public key, and the second temporary public key is sent to the second terminal through the authentication server;
s3, and the first terminal and the second terminal negotiate a key of the secure channel therebetween according to the respective random numbers and the temporary public key.
In order to solve the technical problem, the invention adopts another technical scheme as follows:
a negotiation system of a key of a secure channel comprises a first terminal, a second terminal and an authentication server, wherein the first terminal is a data security device, and the second terminal is a non-data security device;
the first terminal comprises a first memory, a first processor and a first computer program stored on the first memory and executable on the first processor, the second terminal comprises a second memory, a second processor and a second computer program stored on the second memory and executable on the second processor, the authentication server comprises a third memory, a third processor and a third computer program stored on the third memory and executable on the third processor, the first processor implements the following steps when executing the first computer program:
s1, receiving the first temporary public key sent by the authentication server;
s2, generating a second random number and a corresponding second temporary public key, and sending the second temporary public key to the second terminal through the authentication server;
s3, negotiating a key of a secure channel between the second random number and the first temporary public key and the second terminal according to the second random number and the first temporary public key;
the second processor, when executing the second computer program, implements the steps of:
s1, receiving the first random number sent by the authentication server;
s2, receiving a second temporary public key sent by the authentication server;
s3, negotiating a key of a secure channel between the first random number and the second temporary public key and the first terminal according to the first random number and the second temporary public key;
the third processor, when executing the third computer program, performs the steps of:
s1, generating a first random number and a corresponding first temporary public key, sending the first temporary public key to a first terminal which is mutually trusted with the first temporary public key, and sending the first random number to a second terminal which is mutually trusted with the first temporary public key;
and S2, sending the second temporary public key generated by the first terminal to the second terminal.
The invention has the beneficial effects that: introducing an authentication server except a first terminal and a second terminal of two communication parties as a trusted party, wherein the first terminal and the authentication server are mutually trusted, and the second terminal and the authentication server are mutually trusted; generating a first random number and a corresponding first temporary public key by an authentication server, sending the first random number to a first terminal, sending the first temporary public key to a second terminal, generating a second random number and a corresponding second temporary public key by the second terminal, forwarding the second temporary public key to the first terminal by the authentication server, enabling the first terminal and the second terminal to mutually trust the identity of each other by the authentication server, realizing the interchange of the temporary public keys, and obtaining a key for realizing a highly reliable data security channel between the first terminal and the second terminal according to the mutual negotiation of the respective random numbers and the temporary public keys, wherein although the second terminal does not have a physical security protection mechanism, on one hand, the trust server is used as a trust broker, on the other hand, the first random number and the corresponding first temporary public key of the key negotiation between the first terminal and the second terminal are generated by the authentication server, thereby improving the security of the communication between the first terminal, such as a payment terminal, and the second terminal, such as a mobile terminal.
Drawings
Fig. 1 is a flowchart illustrating steps of a negotiation method of a secure tunnel according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a negotiation system of a secure tunnel according to an embodiment of the present invention;
FIG. 3 is a system architecture diagram of an application scenario according to an embodiment of the present invention;
description of reference numerals:
1. a first terminal; 2. a first memory; 3. a first processor; 4. a second terminal; 5. a second memory; 6. a second processor; 7. an authentication server; 8. a third memory; 9. a third processor; 10. a system for negotiating a key for a secure channel.
Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
Referring to fig. 1, a method for negotiating a secret key of a secure channel includes:
s1, the authentication server generates a first random number and a corresponding first temporary public key, the first temporary public key is sent to a first terminal which is mutually trusted with the first temporary public key, the first random number is sent to a second terminal which is mutually trusted with the first random number, the first terminal is a data security device, and the second terminal is a non-data security device;
s2, the first terminal generates a second random number and a corresponding second temporary public key, and the second temporary public key is sent to the second terminal through the authentication server;
s3, and the first terminal and the second terminal negotiate a key of the secure channel therebetween according to the respective random numbers and the temporary public key.
As can be seen from the above description, the beneficial effects of the present invention are: introducing an authentication server except a first terminal and a second terminal of two communication parties as a trusted party, wherein the first terminal and the authentication server are mutually trusted, and the second terminal and the authentication server are mutually trusted; generating a first random number and a corresponding first temporary public key by an authentication server, sending the first random number to a first terminal, sending the first temporary public key to a second terminal, generating a second random number and a corresponding second temporary public key by the second terminal, forwarding the second temporary public key to the first terminal by the authentication server, enabling the first terminal and the second terminal to mutually trust the identity of each other by the authentication server, realizing the interchange of the temporary public keys, and obtaining a key for realizing a highly reliable data security channel between the first terminal and the second terminal according to the mutual negotiation of the respective random numbers and the temporary public keys, wherein although the second terminal does not have a physical security protection mechanism, on one hand, the trust server is used as a trust broker, on the other hand, the first random number and the corresponding first temporary public key of the key negotiation between the first terminal and the second terminal are generated by the authentication server, thereby improving the security of the communication between the first terminal, such as a payment terminal, and the second terminal, such as a mobile terminal.
Further, the first terminal and the second terminal respectively establish a secure channel with the authentication server to realize mutual trust with the authentication server.
According to the description, the authentication server respectively carries out the secure channel with the first terminal and the second terminal, and the security of data interacted between the first terminal and the second terminal is guaranteed, so that mutual trust is realized, and the security of communication is improved.
Further, the establishing, by the first terminal and the second terminal, the secure channels with the authentication server respectively includes:
the first terminal and the authentication server share a first key group, and different first terminals have different first key groups;
the second terminal shares a second key group with the authentication server, and different second terminals have different second key groups.
It can be known from the above description that the shared key group ensures that the authentication server establishes a point-to-point secure channel with the first terminal and the second terminal, respectively, and different terminals share different key groups with the authentication server, thereby further improving the security of the communication between the authentication server and the first terminal and the second terminal, respectively.
Further, the first key set and the second key set are derived based on DUKPT key derivation protocol.
As can be seen from the above description, deriving the key group between the authentication server and the terminal based on the DUKPT key derivation protocol can further improve the security of communication between the authentication server and the first terminal and the second terminal, and prevent disclosure of secrets, because the key used by the DUKPT in each transaction is not used in the subsequent transaction, and the transaction terminal does not contain any information about the transaction key used by the transaction terminal before, and does not contain any transaction password used by other transaction terminals or to be used in the future, so there is no disclosure problem.
Further, the step S1 includes the steps of:
s01, the first terminal and the second terminal respectively generate respective current first key group and second key group according to respective serial numbers;
s02, the second terminal forwards a request for uploading a first terminal serial number sent by the authentication server to the first terminal;
the second terminal receives a first terminal serial number sent by the first terminal, and sends a request for acquiring a first random number to the authentication server, wherein the request comprises the first terminal serial number and a second terminal serial number;
s03, the authentication server respectively determines a current first key group of the first terminal and a current second key group of the second terminal according to the first terminal serial number and the second terminal serial number;
in step S1, the sending the first temporary public key to a first terminal trusted mutually with the first temporary public key, and the sending the first random number to a second terminal trusted mutually with the first temporary public key includes:
the authentication server and the first terminal verify each other through the first key group to realize that the first temporary public key is sent to the first terminal;
and the authentication server and the second terminal mutually verify through the second key group to realize the transmission of the first random number to the second terminal.
As can be seen from the above description, the first terminal and the second terminal respectively determine their current first key group and second key group according to their respective terminal serial numbers, the second terminal serves as a relay and sends the serial numbers of the first terminal and the second terminal to the authentication server, and the authentication server obtains the corresponding first key group and second key group according to the serial number of the terminal and performs mutual authentication according to the key groups shared by the authentication server and the first terminal and the second terminal, thereby ensuring the security of communication therebetween and improving the reliable security of data transmission.
Further, the second key group comprises a second data encryption key, a second terminal authentication code key and a second authentication server authentication code key;
the request to obtain the first random number further comprises:
generating a second terminal authentication code according to the message of the request for acquiring the first random number and the second terminal authentication code key;
including the second terminal authentication code in the request to obtain the first random number;
the authentication server and the second terminal mutually verify through the second key group, and the sending of the first random number to the second terminal comprises the following steps:
the authentication server verifies the second terminal authentication code by using the second terminal authentication code key;
the authentication server encrypts the first random number by using the second data encryption key, generates a second authentication server authentication code according to the encrypted first random number and the second authentication server authentication code key, and sends the encrypted first random number and the encrypted second authentication server authentication code to the second terminal;
the second terminal adopts the second authentication server authentication code key to verify the second authentication server authentication code, and adopts the second data encryption key to decrypt the encrypted first random number, so as to obtain and store the first random number;
the first key set comprises a first authentication server authentication code key;
the authentication server and the first terminal mutually verify through the first key group, and the sending of the first temporary public key to the first terminal comprises the following steps:
the authentication server generates a first authentication server authentication code according to the first temporary public key and the first authentication server authentication code key, and sends the first temporary public key and the first authentication server authentication code to the first terminal through the second terminal;
and the first terminal adopts the first authentication server authentication code key to verify the first authentication server authentication code, and acquires and stores the first temporary public key.
Further, the first key group further comprises a first terminal authentication code key;
the step S2 includes:
the first terminal generates a second random number and a corresponding second temporary public key, generates a first terminal authentication code according to the second temporary public key and a first terminal authentication code key, and sends the second temporary public key and the first terminal authentication code to the authentication server through the second terminal;
the authentication server verifies the first terminal authentication code through the first terminal authentication code key to obtain the second temporary public key;
the authentication server generates a third authentication server authentication code according to the second temporary public key and the second authentication server authentication code key, and sends the second temporary public key and the third authentication server authentication code to the second terminal;
and the second terminal adopts the second authentication server authentication code key to verify the third authentication server authentication code, and acquires and stores the second temporary public key.
As can be seen from the above description, the key group shared between the authentication server and the first and second terminals includes authentication code keys in two directions to authenticate the identity of the other party, and the key group shared between the server and the first terminal further includes an encryption key for encrypting data transmitted therebetween, so as to ensure the security of the transmitted data.
Further, in step S3, the first terminal and the second terminal both negotiate a key of the secure channel therebetween using an ECDH key agreement protocol.
As can be seen from the above description, a key can be negotiated by an ECDH key agreement protocol under the condition that the first terminal and the second terminal do not share any key, and the mutual trust between the first terminal and the second terminal of both parties of communication is ensured by introducing an authentication server that respectively trusts with the first terminal and the second terminal, so that the problem that the ECDH key agreement protocol cannot solve the mutual trust between both parties of communication is solved by using the authentication server as an authentication broker, and the security of the negotiated key is ensured.
Further, the step S3 is followed by:
and the first terminal and the second terminal respectively generate a third data encryption key, a first terminal to second terminal direction authentication code key and a second terminal to first terminal direction authentication code key by adopting a KDF key derivation algorithm according to the negotiated keys, and the third data encryption key, the first terminal to second terminal direction authentication code key and the second terminal to first terminal direction authentication code key are used as a third key group of a security channel between the first terminal and the second terminal.
As can be seen from the above description, after the two communication parties negotiate the key of the secure channel between them, the key of the required number can be further generated by using the KDF key derivation algorithm according to the negotiated key, and the key is used as the key group required for the communication between them, which not only improves the flexibility of generating the cipher group, but also improves the security of the communication between them.
Further, the second key group is hidden in the application program of the second terminal by adopting a key white-box technology.
As can be seen from the above description, since the second terminal is a non-data security device, there is no secure physical environment that can guarantee data security, and the key stored in the code can be encrypted by using the key white-box technology, so as to enhance security protection of the key in the program in the non-secure environment.
Further, the second key set is updated periodically.
As can be seen from the above description, since the key white-box technology cannot guarantee the security of the key for a long time, the security of the key is further guaranteed by periodic updating.
Further, the step S3 is followed by:
the authentication server respectively sends query commands to the first terminal and the second terminal periodically and receives terminal unique identification information sent by the first terminal and the second terminal periodically;
and respectively determining the legality of the first terminal and the legality of the second terminal according to the respective terminal unique identification information of the first terminal and the second terminal.
As can be seen from the above description, after the secure channel is established between the first terminal and the second terminal, the authentication server periodically queries the first terminal and the second terminal to determine the legitimacy of the first terminal and the second terminal, so that the legitimacy of the first terminal and the second terminal can be tracked, and the security of communication is further ensured.
Further, setting a validity period for the third key group;
and when the establishment time of the third key group exceeds the validity period or the physical connection between the first terminal and the second terminal is disconnected, the first terminal and the second terminal renegotiate the third key group.
As can be seen from the above description, by setting the validity period for the third key set, when the validity period expires or the two parties of communication disconnect the physical connection, the negotiation of the key set is resumed.
Referring to fig. 2, a negotiation system for a secret key of a secure channel includes a first terminal, a second terminal and an authentication server, where the first terminal is a data security device and the second terminal is a non-data security device;
the first terminal comprises a first memory, a first processor and a first computer program stored on the first memory and executable on the first processor, the second terminal comprises a second memory, a second processor and a second computer program stored on the second memory and executable on the second processor, the authentication server comprises a third memory, a third processor and a third computer program stored on the third memory and executable on the third processor, the first processor implements the following steps when executing the first computer program:
s1, receiving the first temporary public key sent by the authentication server;
s2, generating a second random number and a corresponding second temporary public key, and sending the second temporary public key to the second terminal through the authentication server;
s3, negotiating a key of a secure channel between the second random number and the first temporary public key and the second terminal according to the second random number and the first temporary public key;
the second processor, when executing the second computer program, implements the steps of:
s1, receiving the first random number sent by the authentication server;
s2, receiving a second temporary public key sent by the authentication server;
s3, negotiating a key of a secure channel between the first random number and the second temporary public key and the first terminal according to the first random number and the second temporary public key;
the third processor, when executing the third computer program, performs the steps of:
s1, generating a first random number and a corresponding first temporary public key, sending the first temporary public key to a first terminal which is mutually trusted with the first temporary public key, and sending the first random number to a second terminal which is mutually trusted with the first temporary public key;
and S2, sending the second temporary public key generated by the first terminal to the second terminal.
As can be seen from the above description, the beneficial effects of the present invention are: introducing an authentication server except a first terminal and a second terminal of two communication parties as a trusted party, wherein the first terminal and the authentication server are mutually trusted, and the second terminal and the authentication server are mutually trusted; generating a first random number and a corresponding first temporary public key by an authentication server, sending the first random number to a first terminal, sending the first temporary public key to a second terminal, generating a second random number and a corresponding second temporary public key by the second terminal, forwarding the second temporary public key to the first terminal by the authentication server, enabling the first terminal and the second terminal to mutually trust the identity of each other by the authentication server, realizing the interchange of the temporary public keys, and obtaining a key for realizing a highly reliable data security channel between the first terminal and the second terminal according to the mutual negotiation of the respective random numbers and the temporary public keys, wherein although the second terminal does not have a physical security protection mechanism, on one hand, the trust server is used as a trust broker, on the other hand, the first random number and the corresponding first temporary public key of the key negotiation between the first terminal and the second terminal are generated by the authentication server, thereby improving the security of the communication between the first terminal, such as a payment terminal, and the second terminal, such as a mobile terminal.
Further, the first terminal and the second terminal respectively establish a secure channel with the authentication server to realize mutual trust with the authentication server.
According to the description, the authentication server respectively carries out the secure channel with the first terminal and the second terminal, and the security of data interacted between the first terminal and the second terminal is guaranteed, so that mutual trust is realized, and the security of communication is improved.
Further, the establishing, by the first terminal and the second terminal, the secure channels with the authentication server respectively includes:
the first terminal and the authentication server share a first key group, and different first terminals have different first key groups;
the second terminal shares a second key group with the authentication server, and different second terminals have different second key groups.
It can be known from the above description that the shared key group ensures that the authentication server establishes a point-to-point secure channel with the first terminal and the second terminal, respectively, and different terminals share different key groups with the authentication server, thereby further improving the security of the communication between the authentication server and the first terminal and the second terminal, respectively.
Further, the first key set and the second key set are derived based on DUKPT key derivation protocol.
As can be seen from the above description, deriving the key group between the authentication server and the terminal based on the DUKPT key derivation protocol can further improve the security of communication between the authentication server and the first terminal and the second terminal, and prevent disclosure of secrets, because the key used by the DUKPT in each transaction is not used in the subsequent transaction, and the transaction terminal does not contain any information about the transaction key used by the transaction terminal before, and does not contain any transaction password used by other transaction terminals or to be used in the future, so there is no disclosure problem.
Further, the first processor, when executing the first computer program, implements the steps of:
the step S1 is preceded by the steps of:
s01, generating a current first key group according to the serial number of the first terminal;
the second processor, when executing the second computer program, implements the steps of:
the step S1 is preceded by the steps of:
s01, generating a current second key group according to the serial number of the second terminal;
s02, forwarding a request for uploading a first terminal serial number sent by the authentication server to the first terminal;
receiving a first terminal serial number sent by the first terminal, and sending a request for acquiring a first random number to the authentication server, wherein the request comprises the first terminal serial number and a second terminal serial number;
the third processor, when executing the third computer program, performs the steps of:
the step S1 is preceded by the steps of:
s01, receiving a request for acquiring a first random number sent by the second terminal;
s02, respectively determining a current first key group of the first terminal and a current second key group of the second terminal according to the first terminal serial number and the second terminal serial number;
in step S1, the sending the first temporary public key to a first terminal trusted mutually with the first temporary public key, and the sending the first random number to a second terminal trusted mutually with the first temporary public key includes:
the first terminal and the second terminal mutually authenticate through the first key group to realize that the first temporary public key is sent to the first terminal;
and the second terminal mutually authenticates through the second key group, so that the first random number is sent to the second terminal.
As can be seen from the above description, the first terminal and the second terminal respectively determine their current first key group and second key group according to their respective terminal serial numbers, the second terminal serves as a relay and sends the serial numbers of the first terminal and the second terminal to the authentication server, and the authentication server obtains the corresponding first key group and second key group according to the serial number of the terminal and performs mutual authentication according to the key groups shared by the authentication server and the first terminal and the second terminal, thereby ensuring the security of communication therebetween and improving the reliable security of data transmission.
Further, the second key group comprises a second data encryption key, a second terminal authentication code key and a second authentication server authentication code key;
the request to obtain the first random number further comprises:
generating a second terminal authentication code according to the message of the request for acquiring the first random number and the second terminal authentication code key;
including the second terminal authentication code in the request to obtain the first random number;
the mutual authentication between the first terminal and the second terminal through the second key group, and the sending of the first random number to the second terminal includes:
the third processor, when executing the third computer program, performs the steps of:
verifying the second terminal authentication code using the second terminal authentication code key;
encrypting the first random number by using the second data encryption key, generating a second authentication server authentication code according to the encrypted first random number and the second authentication server authentication code key, and sending the encrypted first random number and the encrypted second authentication server authentication code to the second terminal;
the second processor, when executing the second computer program, implements the steps of:
verifying the second authentication server authentication code by using the second authentication server authentication code key, decrypting the encrypted first random number by using the second data encryption key, and acquiring and storing the first random number;
the first key set comprises a first authentication server authentication code key;
the mutual authentication between the first terminal and the first terminal through the first key group, and the sending of the first temporary public key to the first terminal includes:
the third processor, when executing the third computer program, performs the steps of:
generating a first authentication server authentication code according to the first temporary public key and the first authentication server authentication code key, and sending the first temporary public key and the first authentication server authentication code to the first terminal through the second terminal;
the first processor, when executing the first computer program, implements the steps of:
and verifying the first authentication server authentication code by adopting the first authentication server authentication code key, and acquiring and storing the first temporary public key.
Further, the first key group further comprises a first terminal authentication code key;
the generating a second random number and a corresponding second temporary public key, and sending the second temporary public key to the second terminal through the authentication server includes:
generating a second random number and a corresponding second temporary public key, generating a first terminal authentication code according to the second temporary public key and a first terminal authentication code key, and sending the second temporary public key and the first terminal authentication code to the authentication server through the second terminal;
the third processor, when executing the third computer program, performs the steps of:
verifying the first terminal authentication code through the first terminal authentication code key to obtain the second temporary public key;
generating a third authentication server authentication code according to the second temporary public key and the second authentication server authentication code key, and sending the second temporary public key and the third authentication server authentication code to the second terminal;
the second processor, when executing the second computer program, implements the steps of:
and verifying the authentication code of the third authentication server by adopting the authentication code key of the second authentication server, and acquiring and storing the second temporary public key.
As can be seen from the above description, the key group shared between the authentication server and the first and second terminals includes authentication code keys in two directions to authenticate the identity of the other party, and the key group shared between the server and the first terminal further includes an encryption key for encrypting data transmitted therebetween, so as to ensure the security of the transmitted data.
Further, the first terminal and the second terminal both adopt an ECDH key agreement protocol to negotiate a key of a secure channel between them.
As can be seen from the above description, a key can be negotiated by an ECDH key agreement protocol under the condition that the first terminal and the second terminal do not share any key, and the mutual trust between the first terminal and the second terminal of both parties of communication is ensured by introducing an authentication server that respectively trusts with the first terminal and the second terminal, so that the problem that the ECDH key agreement protocol cannot solve the mutual trust between both parties of communication is solved by using the authentication server as an authentication broker, and the security of the negotiated key is ensured.
Further, after the first terminal and the second terminal negotiate a key of a secure channel therebetween, the method further includes:
and the first terminal and the second terminal respectively generate a third data encryption key, a first terminal to second terminal direction authentication code key and a second terminal to first terminal direction authentication code key by adopting a KDF key derivation algorithm according to the negotiated keys, and the third data encryption key, the first terminal to second terminal direction authentication code key and the second terminal to first terminal direction authentication code key are used as a third key group of a security channel between the first terminal and the second terminal.
As can be seen from the above description, after the two communication parties negotiate the key of the secure channel between them, the key of the required number can be further generated by using the KDF key derivation algorithm according to the negotiated key, and the key is used as the key group required for the communication between them, which not only improves the flexibility of generating the cipher group, but also improves the security of the communication between them.
Further, the second key group is hidden in the application program of the second terminal by adopting a key white-box technology.
As can be seen from the above description, since the second terminal is a non-data security device, there is no secure physical environment that can guarantee data security, and the key stored in the code can be encrypted by using the key white-box technology, so as to enhance security protection of the key in the program in the non-secure environment.
Further, the second key set is updated periodically.
As can be seen from the above description, since the key white-box technology cannot guarantee the security of the key for a long time, the security of the key is further guaranteed by periodic updating.
Further, the third processor, when executing the third computer program, implements the steps of:
after the first terminal and the second terminal negotiate a key of a secure channel between the first terminal and the second terminal, respectively and periodically sending a query command to the first terminal and the second terminal, and periodically receiving terminal unique identification information sent by the first terminal and the second terminal;
and respectively determining the legality of the first terminal and the legality of the second terminal according to the respective terminal unique identification information of the first terminal and the second terminal.
As can be seen from the above description, after the secure channel is established between the first terminal and the second terminal, the authentication server periodically queries the first terminal and the second terminal to determine the legitimacy of the first terminal and the second terminal, so that the legitimacy of the first terminal and the second terminal can be tracked, and the security of communication is further ensured.
Further, setting a validity period for the third key group;
and when the establishment time of the third key group exceeds the validity period or the physical connection between the first terminal and the second terminal is disconnected, the first terminal and the second terminal renegotiate the third key group.
As can be seen from the above description, by setting the validity period for the third key set, when the validity period expires or the two parties of communication disconnect the physical connection, the negotiation of the key set is resumed.
The method and the system for negotiating the key of the secure channel can be applied to all scenes that one party of communication parties is data security equipment, such as a secure payment terminal with a security module for storing the secure key, the other party is non-data security equipment, such as a common mobile terminal, and a third party trust center, such as an authentication server, can be introduced, and the following description is combined with specific application scenes:
example one
Referring to fig. 1, a method for negotiating a secret key of a secure channel includes:
s1, the authentication server generates a first random number and a corresponding first temporary public key, the first temporary public key is sent to a first terminal which is mutually trusted with the first temporary public key, the first random number is sent to a second terminal which is mutually trusted with the first random number, the first terminal is a data security device, and the second terminal is a non-data security device;
s2, the first terminal generates a second random number and a corresponding second temporary public key, and the second temporary public key is sent to the second terminal through the authentication server;
s3, the first terminal and the second terminal negotiate the key of the secure channel between the first terminal and the second terminal according to the random number and the temporary public key of each terminal;
the first terminal and the second terminal respectively establish a secure channel with the authentication server to realize mutual trust with the authentication server;
specifically, the establishing, by the first terminal and the second terminal, the secure channel with the authentication server respectively includes:
the first terminal and the authentication server share a first key group, and different first terminals have different first key groups;
the second terminal and the authentication server share a second key group, and different second terminals have different second key groups;
the first key set and the second key set are both derived based on a DUKPT key derivation protocol;
DUKPT, a Derived Unique Key Per Transaction, chinese translation, is a Unique derivative Key Per Transaction, which is a special Key management scheme defined in ANSI X9.24. The key used in practice can be realized, and the key is forbidden to be used again after being used up; this method is different from the general UKPT (one time pad), and the realization principle is more complex relative to MK/SK; the transaction terminal using the technology can not be used any more in the following transaction because the key used in each transaction is used; moreover, the transaction terminal does not contain any related information of the transaction key used by the transaction terminal before, and does not contain any transaction key used by other transaction terminals or to be used in the future, so the leakage of the transaction key used before can be greatly reduced; moreover, the DUKPT method is used, and the encrypted new transaction key does not need to be downloaded from the communication network frequently like the MK/SK method, so the possibility of obtaining the new key through eavesdropping is greatly reduced;
the key of the system has the following characteristics:
firstly, a terminal needs to download an initial key IK in advance and distribute the initial key IK to a terminal key serial number KSN, during communication, the terminal needs to upload the KSN, and a server side can synchronize an IK identical to the terminal according to the KSN;
secondly, the terminal sends a KEY transaction count TC, the server can calculate an actual KEY KEY used by the current terminal according to the TC, after the TC is used up each time, the terminal changes the TC according to rules, and the actual KEY corresponding to the previous TC is discarded, so that the security of the KEY is greatly improved; .
In step S3, the first terminal and the second terminal both adopt an ECDH key agreement protocol to negotiate a key of a secure channel therebetween;
the working principle of the ECDH is as follows:
the method is characterized in that an ECC algorithm and a DH (data encryption and decryption) are used in combination and are used for key negotiation, the key exchange algorithm is called ECDH, and two exchange parties can negotiate a key without sharing any secret;
ECC is a cryptosystem established on a discrete logarithm problem based on an elliptic curve, and given a point P and an integer k on the elliptic curve, the solution Q is easy to be solved; given a point P, Q, knowing Q ═ kP, it is a difficult problem to solve the integer k, and ECDH builds on this mathematical problem. And (3) key consultation process:
suppose that both key exchanges are Alice, Bob, which have shared curve parameters (elliptic curve E, order N, base point G).
1) And generating a random integer a by Alice, calculating A to a G, and generating a temporary public key A of Alice, wherein A is the transformation of the random number a and is not the identity authentication key of A.
2) Bob generates a random integer B, calculates B-B-G, and generates a Bob temporary public key B, which is the transformation of the random number B and is not the identity authentication key of B;
3) alice transmits A to Bob, and the transmission of A can be disclosed, namely an attacker can obtain A;
since the discrete logarithm problem of elliptic curves is a difficult problem, an attacker cannot calculate a through A, G.
4) Bob transmits B to Alice, and similarly, the transmission of B can be disclosed;
5) bob receives A transmitted by Alice, and calculates Q b A, namely, Bob obtains a symmetric secret key Q through a private key of Bob and a public key of Alice;
6) the method comprises the steps that Alice receives B transmitted by Bob, and calculates Q 'a B, namely Alice obtains a symmetric secret key Q' through a private key of Alice and a public key of Bob;
alice and Bob obtain Q ═ B ═ a ═ B ═ G ═ (B ═ a) ═ G ═ (a ═ B) ═ G ═ a ═ (B ═ G) ═ a ═ B ═ Q' (commutative law and binding law), that is, both obtain a consistent secret key Q;
the key agreement protocol of the ECDH can not solve the mutual trust problem of the two communication parties, but the technical proposal of the invention introduces an authentication server which is trusted by the two communication parties, and the authentication server is used as a trust broker to solve the mutual trust problem of the two communication parties in the key agreement protocol of the ECDH.
Example two
On the basis of the first embodiment, the second embodiment further illustrates how the authentication server and the first terminal and the second terminal respectively implement mutual authentication based on the shared password set, so as to solve the mutual trust problem between the two parties:
the step S1 is preceded by the steps of:
s01, the first terminal and the second terminal respectively generate respective current first key group and second key group according to respective serial numbers;
specifically, this embodiment is described by an application scenario of an interaction between a secure payment terminal SPT and a general mobile terminal, and an additional background authentication Server (Backend Server) that respectively trusts the secure payment terminal SPT and the general mobile terminal, where the background authentication Server (Backend Server) is used to prove the identity of the payment terminal to the mobile terminal and prove the identity of the mobile terminal to the payment terminal during the establishment of a data security channel, an application program (MP _ APP) on the mobile terminal is used to interact with the payment terminal and the background authentication Server during the establishment of the data security channel and finally establish a security channel with the payment terminal, and the trusted Secure Payment Terminal (SPT) is used to interact with the mobile terminal and special protocol data during the establishment of the data security channel and finally establish a security channel with the mobile terminal, the background authentication server is connected with an encryption equipment HSM, and the system architecture diagram of the background authentication server is shown in fig. 3:
the background authentication server will download different KEYserver-SPT key groups, namely a first key group, aiming at each SPT device in advance, wherein the key groups are derived based on a DUKPT key derivation protocol, the key groups are symmetric keys, each key group actually consists of a data encryption key and two authentication keys (MAC keys) representing different communication directions, namely, the communication from the background authentication server to the SPT deviceAuthentication KEY of direction, authentication KEY of communication direction from SPT equipment to background authentication server, different SPT equipment and KEYserver-SPTThe key sets are different;
the background authentication server side can index the corresponding KEY according to the KSN _ SPT serial number sent by the SPT equipmentserver-SPTA set of keys; the moment of downloading the set of keys is generally the production phase; because the background authentication server and the SPT equipment share the group of secret keys, a point-to-point safe channel can be established between the background authentication server and the SPT equipment;
background authentication server generation KEYserver-MP_APPA key group, namely a second key group, wherein keys in the key group are symmetric keys, are maintained by a background authentication server, and are derived based on a DUKPT key derivation protocol; each group of keys actually consists of a data encryption key and two authentication keys (MAC keys) representing different communication directions, namely the authentication key from the background authentication server to the common mobile terminal in the communication direction and the authentication key from the common mobile terminal to the background authentication server in the communication direction, and the group of keys are hidden in an application program of the common mobile terminal by adopting a key white-box scheme;
the application program (MP _ APP) on the ordinary mobile terminal is updated periodically by the operator server, and the group of keys can guarantee the security of the keys for a relatively long time (for example, within 1 month) due to the adoption of the key white-box technology, which is a technical means for encrypting the keys stored in the codes, so that the security protection of the keys in the program under the non-secure environment can be strengthened theoretically, but the long-term security cannot be guaranteed, and the keys are replaced periodically; therefore, the background authentication server can periodically upgrade the program in the key security period and change the group of keys;
each KEY in the common mobile terminal MP _ APP has a corresponding KSN _ MP _ APP index number, and the background authentication server finds a corresponding KEY according to the KSN _ MP _ APP number uploaded by the common mobile terminalserver-MP_APPA set of keys; since the background authentication server and the MP _ APP software share the group of key groups, a point-to-point secure channel can be established between the background authentication server and the MP _ APP softwareTo the process;
s02, the second terminal forwards a request for uploading a first terminal serial number sent by the authentication server to the first terminal;
the second terminal receives a first terminal serial number sent by the first terminal, and sends a request for acquiring a first random number to the authentication server, wherein the request comprises the first terminal serial number and a second terminal serial number;
specifically, the MP _ APP receives a command "request SPT to upload KSN _ SPT" sent by the background authentication server;
MP _ APP forwards the command to SPT;
the SPT acquires the current KSN _ SPT and sends the KSN _ SPT to the MP _ APP;
the MP _ APP acquires the KSN _ SPT, acquires the current KSN _ MP _ APP at the same time, and sends a request for acquiring a first random number to a background authentication server, wherein the request comprises the KSN _ SPT and the KSN _ MP _ APP;
s03, the authentication server respectively determines a current first key group of the first terminal and a current second key group of the second terminal according to the first terminal serial number and the second terminal serial number;
in step S1, the sending the first temporary public key to a first terminal trusted mutually with the first temporary public key, and the sending the first random number to a second terminal trusted mutually with the first temporary public key includes:
the authentication server and the first terminal verify each other through the first key group to realize that the first temporary public key is sent to the first terminal;
the authentication server and the second terminal mutually verify through the second key group to realize that the first random number is sent to the second terminal;
the mutual verification between the authentication server and the first terminal and between the authentication server and the second terminal is as follows:
the second KEY set is KEYserver-MP_APPA key set including a second data encryption key TKMP_APPdataA second terminal authentication code key TKMacReqMP_APPAnd a second authentication server authentication code key TKMacRespMP_APP;
The request to obtain the first random number further comprises:
generating a second terminal authentication code according to the message of the request for acquiring the first random number and the second terminal authentication code key;
including the second terminal authentication code in the request to obtain the first random number;
specifically, the message of the request for obtaining the first random number includes data:
DATA=KSN_SPT||KSN_MP_APP||GetRandom_a_TAG;
by TKMacReqMP_APPCalculating a second terminal authentication code for said DATA:
{DATA}TKMacReqMP_APPwherein, in the embodiment of the invention:
{ data } k means the authentication code of data (typically MAC (generated with 'k' key));
the data sent by MP _ APP to the backend authentication server is:
MAG=DATA||{DATA}TKMacReqMP_APP
the authentication server and the second terminal mutually verify through the second key group, and the sending of the first random number to the second terminal comprises the following steps:
the authentication server obtains the KEY currently and actually used by the MP _ APP according to the KSN _ MP _ AP contained in the data sent by the MP _ APP to the back-end authentication serverserver-MP_APPA key group, using a second terminal authentication code key TK in the key groupMacReqMP_APPVerifying the second terminal authentication code { DATA } TKMacReqMP_APP;
If the verification is passed, the authentication server generates random numbers a and aG for random numbers used by ECDH key exchange protocol, and adopts the second data encryption key TKMP_APPdataEncrypting the first random number a, generating a second authentication server authentication code according to the encrypted first random number and the second authentication server authentication code key, and encrypting the encrypted first random numberAnd a second authentication server authentication code is sent to the second terminal;
specifically, generating an encrypted first random number:
DATA=[Random ECDH'a']TKMP_APP datawherein, in the embodiment of the invention:
[ data ] k means a ciphertext of data encrypted with a key k;
and transmitting MSG ═ DATA | { DATA } TKMacRespMP_APPGiving MP _ APP;
the MP _ APP adopts the second authentication server authentication code key TKMacRespMP_APPVerifying the second authentication server authentication code { DATA } TKMacRespMP_APPIf the verification is passed, the second data encryption key TK is adoptedMP_APP dataDecrypting the encrypted first random number to obtain and store the first random number a;
the first KEY set, KEYserver-SPTA key group including a first authentication server authentication code key TKMacRespSPT;
The authentication server and the first terminal mutually verify through the first key group, and the sending of the first temporary public key to the first terminal comprises the following steps:
the authentication server generates a first authentication server authentication code according to the first temporary public key and the first authentication server authentication code key, and sends the first temporary public key and the first authentication server authentication code to the first terminal through the second terminal;
specifically, the background authentication server acquires the KEY by using the KSN _ SPTserver-SPTKey set using TKs in the key setMacRespSPTCalculating a first authentication server authentication code of the first temporary public key aG, and deleting a; and transmitting MSG (MSG) -aG (aG) TK to MP _ APPMACSPTMP _ APP forwards the MSG to SPT;
the first terminal adopts the first authentication server authentication code key to verify the first authentication server authentication code, and acquires and stores the first temporary public key;
specifically, SThe PT obtains the current KEY through calculation according to the KSN _ SPTserver-SPTSet of keys, using TKMacRespSPTVerification of { aG } TKMACSPTIf the verification is passed, keeping the first temporary public key aG;
the first KEY group KEYserver-SPTThe key group also comprises a first terminal authentication code key TKMacReqSPT;
The step S2 includes:
the first terminal generates a second random number and a corresponding second temporary public key, generates a first terminal authentication code according to the second temporary public key and a first terminal authentication code key, and sends the second temporary public key and the first terminal authentication code to the authentication server through the second terminal;
the authentication server verifies the first terminal authentication code through the first terminal authentication code key to obtain the second temporary public key;
the authentication server generates a third authentication server authentication code according to the second temporary public key and the second authentication server authentication code key, and sends the second temporary public key and the third authentication server authentication code to the second terminal;
the second terminal verifies the third authentication server authentication code by adopting the second authentication server authentication code key, and acquires and stores the second temporary public key;
specifically, the SPT generates a second random number b and a corresponding second temporary public key bG for the ECDH key exchange protocol, and uses the first terminal authentication code key TK as the bGMacReqSPTAfter the MAC is calculated, the MAC is sent to a background authentication server through a common mobile terminal MP _ APP, and the sent data are as follows:
MSG=bG||{bG}TKMacReqSPT;
the background authentication server uses TKMacReqSPTVerification of { bG } TKMacReqSPTAfter the verification is passed, a second temporary public key bG is obtained;
the background authentication server sends data MSG ═ bG | { bG } TK to the MP _ APPMacRespMP_APP;
MP _ APP uses TKMacRespMP_APPVerification of { bG } TKMacRespMP_APPAcquiring and storing a second temporary public key bG;
through the verification, the identity of the opposite party is authenticated between the MP _ APP and the SPT by using the server, the MP _ APP and the two secure channels between the server and the SPT on the basis that the background authentication server is used as a credit granting party, and a temporary key of the secure channel between the MP _ APP and the SPT is generated based on the ECDH key agreement principle;
in the above interaction process, the SPT and the background authentication server are not in direct physical contact, and the communication between them is relayed through the MP _ APP, but the SPT is pre-installed with the first key group managed by the background authentication server in the production phase, so the communication between the SPT and the background authentication server is also point-to-point secure communication, and the MP _ APP is used as a data relay, and data that both parties need to keep secret cannot be obtained.
EXAMPLE III
In this embodiment, on the basis of the first embodiment or the second embodiment, after the step S3, the method further includes:
the first terminal and the second terminal respectively generate a third data encryption key, a first terminal to second terminal direction authentication code key and a second terminal to first terminal direction authentication code key by adopting a KDF key derivation algorithm according to the negotiated keys, and the third data encryption key, the first terminal to second terminal direction authentication code key and the second terminal to first terminal direction authentication code key are used as a third key group of a security channel between the first terminal and the second terminal;
specifically, a key abG of a temporary secure channel between the SPT and the MP _ APP is generated based on the ECDH key agreement principle;
generating a third key set using a KDF key derivation algorithm according to abG;
the specific setting of the KDF algorithm is as follows:
the key derivation is performed according to the key derivation method described in < NIST Special Publication 800-108>, and optionally, specific parameters may be as follows:
the function functions as: HMAC-SHA 256;
mode (2): a Counter mode;
context: (aG) x | (aG) y | (bG) x | (bG) y, wherein | | means that the front content and the rear content are spliced;
L=256;
Counter=0;
the third data encryption key KMP_APP-SPT data=KDF[0-15]MP _ APP to SPT authentication code key KMacReqMP_APP-SPT=KDF[16-31](ii) a SPT to MP _ APP authentication code key: counter 1, which is the same as the parameter set forth above, KMacRespMP_APP-SPT=KDF[0-15];
The step S3 is followed by:
the authentication server respectively sends query commands to the first terminal and the second terminal periodically (for example, 8 minutes, not longer than 10 minutes), and periodically receives terminal unique identification information sent by the first terminal and the second terminal, wherein the terminal unique information includes software and hardware information;
respectively determining the legality of the first terminal and the legality of the second terminal according to the respective terminal unique identification information of the first terminal and the second terminal;
setting a validity period for the third key group, wherein the preferred validity period is 24 hours;
when the establishment time of the third key group exceeds the validity period or the physical connection between the first terminal and the second terminal is disconnected, the first terminal and the second terminal renegotiate the third key group, that is, renegotiate according to the above steps to obtain a key abG for establishing the secure channel between the two terminals, and generate the third key group by using a KDF algorithm;
the number of generated specific keys can be set according to actual requirements, and a plurality of keys can be negotiated;
the negotiation method of the key of the secure channel can be applied to the scene of the mobile sales terminal, a merchant can input PIN on own common mobile equipment, transmit the PIN to the secure payment terminal through the secure data channel established by the negotiation, and then safely transmit the PIN to the background server through the mobile terminal after the packaging and encryption operation of the whole transaction message is realized on the secure payment terminal, so that the popularization of electronic payment transaction is increased.
Example four
Referring to fig. 2, a negotiation system 10 for a secret key of a secure channel includes a first terminal 1, a second terminal 4 and an authentication server 7, where the first terminal 1 is a data security device, and the second terminal 4 is a non-data security device;
the first terminal 1 comprises a first memory 2, a first processor 3 and a first computer program stored on the first memory 2 and operable on the first processor 3, the second terminal 4 comprises a second memory 5, a second processor 6 and a second computer program stored on the second memory 5 and operable on the second processor 6, the authentication server 7 comprises a third memory 8, a third processor 9 and a third computer program stored on the third memory 8 and operable on the third processor 9, the first processor 3 implements the steps performed by the first terminal 1 in any one of the embodiments one to three when executing the first computer program, the second processor 6 implements the steps performed by the second terminal 4 in any one of the embodiments one to three when executing the second computer program, the third processor 9, when executing the third computer program, implements the steps performed by the authentication server 7 in any one of the first to third embodiments.
In summary, the method and system for negotiating a key of a secure channel according to the present invention introduces a third-party backend server outside both communication parties as a trusted party, where a first terminal and the backend server trust each other, a second terminal and the backend server trust each other, and the second terminal has a physical security protection mechanism, but on one hand, the backend server is used as a trust broker, and on the other hand, the key random number used by the first terminal and the second terminal is also generated by the backend server, so that there is no possibility of forgery, and a key group for directly authenticating the backend server and the first terminal and the second terminal with each other is derived based on a DUKPT key derivation protocol, and a key group for negotiating a secure channel between the first terminal and the second terminal is negotiated by using an ECDH key negotiation protocol, and a key group for secure communication between the first terminal and the second terminal is generated according to the negotiated key after the key negotiation is completed, the validity period of the key group is set, and the first terminal and the second terminal are regularly tracked through the background server, so that the safety of the key group used by a safety channel between the first terminal and the second terminal is greatly improved, and the safety and reliability of the communication between the first terminal and the second terminal are improved.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.
Claims (26)
1. A method for negotiating a key for a secure channel, comprising:
s1, the authentication server generates a first random number and a corresponding first temporary public key, the first temporary public key is sent to a first terminal which is mutually trusted with the first temporary public key, the first random number is sent to a second terminal which is mutually trusted with the first random number, the first terminal is a data security device, and the second terminal is a non-data security device;
s2, the first terminal generates a second random number and a corresponding second temporary public key, and the second temporary public key is sent to the second terminal through the authentication server;
s3, and the first terminal and the second terminal negotiate a key of the secure channel therebetween according to the respective random numbers and the temporary public key.
2. The method of claim 1, wherein the first terminal and the second terminal respectively establish a secure channel with the authentication server to achieve mutual trust with the authentication server.
3. The method of claim 2, wherein the establishing the secure channel between the first terminal and the authentication server by the second terminal comprises:
the first terminal and the authentication server share a first key group, and different first terminals have different first key groups;
the second terminal shares a second key group with the authentication server, and different second terminals have different second key groups.
4. The method of claim 3, wherein the first key set and the second key set are derived based on a DUKPT key derivation protocol.
5. The method for negotiating a key for a secure channel according to claim 3 or 4, wherein said step S1 is preceded by the steps of:
s01, the first terminal and the second terminal respectively generate respective current first key group and second key group according to respective serial numbers;
s02, the second terminal forwards a request for uploading a first terminal serial number sent by the authentication server to the first terminal;
the second terminal receives a first terminal serial number sent by the first terminal, and sends a request for acquiring a first random number to the authentication server, wherein the request comprises the first terminal serial number and a second terminal serial number;
s03, the authentication server respectively determines a current first key group of the first terminal and a current second key group of the second terminal according to the first terminal serial number and the second terminal serial number;
in step S1, the sending the first temporary public key to a first terminal trusted mutually with the first temporary public key, and the sending the first random number to a second terminal trusted mutually with the first temporary public key includes:
the authentication server and the first terminal verify each other through the first key group to realize that the first temporary public key is sent to the first terminal;
and the authentication server and the second terminal mutually verify through the second key group to realize the transmission of the first random number to the second terminal.
6. The method for negotiating a key for a secure channel according to claim 5,
the second key group comprises a second data encryption key, a second terminal authentication code key and a second authentication server authentication code key;
the request to obtain the first random number further comprises:
generating a second terminal authentication code according to the message of the request for acquiring the first random number and the second terminal authentication code key;
including the second terminal authentication code in the request to obtain the first random number;
the authentication server and the second terminal mutually verify through the second key group, and the sending of the first random number to the second terminal comprises the following steps:
the authentication server verifies the second terminal authentication code by using the second terminal authentication code key;
the authentication server encrypts the first random number by using the second data encryption key, generates a second authentication server authentication code according to the encrypted first random number and the second authentication server authentication code key, and sends the encrypted first random number and the encrypted second authentication server authentication code to the second terminal;
the second terminal adopts the second authentication server authentication code key to verify the second authentication server authentication code, and adopts the second data encryption key to decrypt the encrypted first random number, so as to obtain and store the first random number;
the first key set comprises a first authentication server authentication code key;
the authentication server and the first terminal mutually verify through the first key group, and the sending of the first temporary public key to the first terminal comprises the following steps:
the authentication server generates a first authentication server authentication code according to the first temporary public key and the first authentication server authentication code key, and sends the first temporary public key and the first authentication server authentication code to the first terminal through the second terminal;
and the first terminal adopts the first authentication server authentication code key to verify the first authentication server authentication code, and acquires and stores the first temporary public key.
7. The method of claim 5, wherein the first key set further comprises a first terminal authentication code key;
the step S2 includes:
the first terminal generates a second random number and a corresponding second temporary public key, generates a first terminal authentication code according to the second temporary public key and a first terminal authentication code key, and sends the second temporary public key and the first terminal authentication code to the authentication server through the second terminal;
the authentication server verifies the first terminal authentication code through the first terminal authentication code key to obtain the second temporary public key;
the authentication server generates a third authentication server authentication code according to the second temporary public key and the second authentication server authentication code key, and sends the second temporary public key and the third authentication server authentication code to the second terminal;
and the second terminal adopts the second authentication server authentication code key to verify the third authentication server authentication code, and acquires and stores the second temporary public key.
8. The method as claimed in claim 1, wherein in step S3, the first terminal and the second terminal both use ECDH key agreement protocol to negotiate the key of the secure channel therebetween.
9. The method for negotiating a key for a secure channel according to claim 1 or 8, wherein said step S3 is followed by further comprising:
and the first terminal and the second terminal respectively generate a third data encryption key, a first terminal to second terminal direction authentication code key and a second terminal to first terminal direction authentication code key by adopting a KDF key derivation algorithm according to the negotiated keys, and the third data encryption key, the first terminal to second terminal direction authentication code key and the second terminal to first terminal direction authentication code key are used as a third key group of a security channel between the first terminal and the second terminal.
10. The method of claim 5, wherein the second key set is hidden in the application program of the second terminal by using a key white-box technology.
11. The method of claim 10, wherein the second key set is updated periodically.
12. The method for negotiating a key for a secure channel according to claim 1 or 8, wherein said step S3 is followed by further comprising:
the authentication server respectively sends query commands to the first terminal and the second terminal periodically and receives terminal unique identification information sent by the first terminal and the second terminal periodically;
and respectively determining the legality of the first terminal and the legality of the second terminal according to the respective terminal unique identification information of the first terminal and the second terminal.
13. The method of claim 9, wherein a validity period is set for the third key set;
and when the establishment time of the third key group exceeds the validity period or the physical connection between the first terminal and the second terminal is disconnected, the first terminal and the second terminal renegotiate the third key group.
14. A negotiation system of a key of a secure channel comprises a first terminal, a second terminal and an authentication server, wherein the first terminal is a data security device, and the second terminal is a non-data security device;
the first terminal comprising a first memory, a first processor and a first computer program stored on the first memory and executable on the first processor, the second terminal comprising a second memory, a second processor and a second computer program stored on the second memory and executable on the second processor, the authentication server comprising a third memory, a third processor and a third computer program stored on the third memory and executable on the third processor, characterized in that the first processor implements the following steps when executing the first computer program:
s1, receiving the first temporary public key sent by the authentication server;
s2, generating a second random number and a corresponding second temporary public key, and sending the second temporary public key to the second terminal through the authentication server;
s3, negotiating a key of a secure channel between the second random number and the first temporary public key and the second terminal according to the second random number and the first temporary public key;
the second processor, when executing the second computer program, implements the steps of:
s1, receiving the first random number sent by the authentication server;
s2, receiving a second temporary public key sent by the authentication server;
s3, negotiating a key of a secure channel between the first random number and the second temporary public key and the first terminal according to the first random number and the second temporary public key;
the third processor, when executing the third computer program, performs the steps of:
s1, generating a first random number and a corresponding first temporary public key, sending the first temporary public key to a first terminal which is mutually trusted with the first temporary public key, and sending the first random number to a second terminal which is mutually trusted with the first temporary public key;
and S2, sending the second temporary public key generated by the first terminal to the second terminal.
15. The system for negotiating a key for a secure channel according to claim 14, wherein the first terminal and the second terminal respectively establish a secure channel with the authentication server to realize mutual trust with the authentication server.
16. The system for negotiating a key for a secure channel according to claim 15, wherein the first terminal and the second terminal respectively establish a secure channel with the authentication server includes:
the first terminal and the authentication server share a first key group, and different first terminals have different first key groups;
the second terminal shares a second key group with the authentication server, and different second terminals have different second key groups.
17. The system of claim 16, wherein the first key set and the second key set are derived based on DUKPT key derivation protocol.
18. A system for secure channel key agreement according to claim 16 or 17, characterised in that the first processor, when executing the first computer program, performs the steps of:
the step S1 is preceded by the steps of:
s01, generating a current first key group according to the serial number of the first terminal;
the second processor, when executing the second computer program, implements the steps of:
the step S1 is preceded by the steps of:
s01, generating a current second key group according to the serial number of the second terminal;
s02, forwarding a request for uploading a first terminal serial number sent by the authentication server to the first terminal;
receiving a first terminal serial number sent by the first terminal, and sending a request for acquiring a first random number to the authentication server, wherein the request comprises the first terminal serial number and a second terminal serial number;
the third processor, when executing the third computer program, performs the steps of:
the step S1 is preceded by the steps of:
s01, receiving a request for acquiring a first random number sent by the second terminal;
s02, respectively determining a current first key group of the first terminal and a current second key group of the second terminal according to the first terminal serial number and the second terminal serial number;
in step S1, the sending the first temporary public key to a first terminal trusted mutually with the first temporary public key, and the sending the first random number to a second terminal trusted mutually with the first temporary public key includes:
the first terminal and the second terminal mutually authenticate through the first key group to realize that the first temporary public key is sent to the first terminal;
and the second terminal mutually authenticates through the second key group, so that the first random number is sent to the second terminal.
19. The system for negotiating a key for a secure channel according to claim 18, wherein the second key set includes a second data encryption key, a second terminal authentication code key, and a second authentication server authentication code key;
the request to obtain the first random number further comprises:
generating a second terminal authentication code according to the message of the request for acquiring the first random number and the second terminal authentication code key;
including the second terminal authentication code in the request to obtain the first random number;
the mutual authentication between the first terminal and the second terminal through the second key group, and the sending of the first random number to the second terminal includes:
the third processor, when executing the third computer program, performs the steps of:
verifying the second terminal authentication code using the second terminal authentication code key;
encrypting the first random number by using the second data encryption key, generating a second authentication server authentication code according to the encrypted first random number and the second authentication server authentication code key, and sending the encrypted first random number and the encrypted second authentication server authentication code to the second terminal;
the second processor, when executing the second computer program, implements the steps of:
verifying the second authentication server authentication code by using the second authentication server authentication code key, decrypting the encrypted first random number by using the second data encryption key, and acquiring and storing the first random number;
the first key set comprises a first authentication server authentication code key;
the mutual authentication between the first terminal and the first terminal through the first key group, and the sending of the first temporary public key to the first terminal includes:
the third processor, when executing the third computer program, performs the steps of:
generating a first authentication server authentication code according to the first temporary public key and the first authentication server authentication code key, and sending the first temporary public key and the first authentication server authentication code to the first terminal through the second terminal;
the first processor, when executing the first computer program, implements the steps of:
and verifying the first authentication server authentication code by adopting the first authentication server authentication code key, and acquiring and storing the first temporary public key.
20. The system for negotiating a key for a secure channel according to claim 18, wherein the first key set further includes a first terminal authentication code key;
the generating a second random number and a corresponding second temporary public key, and sending the second temporary public key to the second terminal through the authentication server includes:
generating a second random number and a corresponding second temporary public key, generating a first terminal authentication code according to the second temporary public key and a first terminal authentication code key, and sending the second temporary public key and the first terminal authentication code to the authentication server through the second terminal;
the third processor, when executing the third computer program, performs the steps of:
verifying the first terminal authentication code through the first terminal authentication code key to obtain the second temporary public key;
generating a third authentication server authentication code according to the second temporary public key and the second authentication server authentication code key, and sending the second temporary public key and the third authentication server authentication code to the second terminal;
the second processor, when executing the second computer program, implements the steps of:
and verifying the authentication code of the third authentication server by adopting the authentication code key of the second authentication server, and acquiring and storing the second temporary public key.
21. The system of claim 14, wherein the first terminal and the second terminal negotiate the key of the secure channel therebetween using ECDH key agreement protocol.
22. The system for negotiating a key for a secure channel according to claim 14 or 21, wherein the first terminal and the second terminal further comprise, after negotiating a key for a secure channel therebetween:
and the first terminal and the second terminal respectively generate a third data encryption key, a first terminal to second terminal direction authentication code key and a second terminal to first terminal direction authentication code key by adopting a KDF key derivation algorithm according to the negotiated keys, and the third data encryption key, the first terminal to second terminal direction authentication code key and the second terminal to first terminal direction authentication code key are used as a third key group of a security channel between the first terminal and the second terminal.
23. The system of claim 18, wherein the second key set is hidden in the application of the second terminal by a key white-boxing technique.
24. The system of claim 23, wherein the second key set is updated periodically.
25. A system for secure channel key agreement according to claim 14 or 21, characterised in that the third processor, when executing the third computer program, implements the steps of:
after the first terminal and the second terminal negotiate a key of a secure channel between the first terminal and the second terminal, respectively and periodically sending a query command to the first terminal and the second terminal, and periodically receiving terminal unique identification information sent by the first terminal and the second terminal;
and respectively determining the legality of the first terminal and the legality of the second terminal according to the respective terminal unique identification information of the first terminal and the second terminal.
26. The method of claim 22, wherein a validity period is set for the third key set;
and when the establishment time of the third key group exceeds the validity period or the physical connection between the first terminal and the second terminal is disconnected, the first terminal and the second terminal renegotiate the third key group.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910978196.4A CN110912686B (en) | 2019-10-15 | 2019-10-15 | Method and system for negotiating secret key of security channel |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910978196.4A CN110912686B (en) | 2019-10-15 | 2019-10-15 | Method and system for negotiating secret key of security channel |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110912686A true CN110912686A (en) | 2020-03-24 |
CN110912686B CN110912686B (en) | 2023-05-05 |
Family
ID=69815442
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910978196.4A Active CN110912686B (en) | 2019-10-15 | 2019-10-15 | Method and system for negotiating secret key of security channel |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110912686B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112055019A (en) * | 2020-09-03 | 2020-12-08 | 深圳市百富智能新技术有限公司 | Method for establishing communication channel and user terminal |
CN112153583A (en) * | 2020-09-28 | 2020-12-29 | 中国电子科技集团公司第五十四研究所 | Multi-key negotiation method for encryption and decryption services |
CN112291190A (en) * | 2020-07-28 | 2021-01-29 | 国网思极网安科技(北京)有限公司 | Identity authentication method, terminal and server |
CN112332978A (en) * | 2020-11-10 | 2021-02-05 | 上海商米科技集团股份有限公司 | Remote key injection method based on key agreement |
CN112753203A (en) * | 2020-10-30 | 2021-05-04 | 华为技术有限公司 | Secure communication method and device |
CN113810382A (en) * | 2021-08-24 | 2021-12-17 | 东北大学秦皇岛分校 | Cipher text loading method for resisting SGX side channel attack |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040103283A1 (en) * | 2000-08-18 | 2004-05-27 | Zoltan Hornak | Method and system for authentification of a mobile user via a gateway |
US20090287922A1 (en) * | 2006-06-08 | 2009-11-19 | Ian Herwono | Provision of secure communications connection using third party authentication |
CN101719825A (en) * | 2009-04-30 | 2010-06-02 | 中兴通讯股份有限公司 | Method and system for realizing safe bifurcation call session in IP multimedia subsystem |
CN102034321A (en) * | 2009-09-25 | 2011-04-27 | 国民技术股份有限公司 | Authentication method and system used for wireless payment |
US20120100833A1 (en) * | 2009-06-25 | 2012-04-26 | Zte Corporation | Access Method and System for Cellular Mobile Communication Network |
CN105897416A (en) * | 2016-06-29 | 2016-08-24 | 邓月霞 | Forward end-to-end safe instant communication method based on identity-based password system |
CN106411528A (en) * | 2016-10-17 | 2017-02-15 | 重庆邮电大学 | Lightweight authentication key negotiation method based on implicit certificate |
US20170064554A1 (en) * | 2014-04-25 | 2017-03-02 | Tendyron Corporation | Secure data interaction method and system |
CN107360571A (en) * | 2017-09-08 | 2017-11-17 | 哈尔滨工业大学深圳研究生院 | Anonymity in a mobile network is mutually authenticated and key agreement protocol |
US20180199205A1 (en) * | 2016-01-29 | 2018-07-12 | Tencent Technology (Shenzhen) Company Limited | Wireless network connection method and apparatus, and storage medium |
-
2019
- 2019-10-15 CN CN201910978196.4A patent/CN110912686B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040103283A1 (en) * | 2000-08-18 | 2004-05-27 | Zoltan Hornak | Method and system for authentification of a mobile user via a gateway |
US20090287922A1 (en) * | 2006-06-08 | 2009-11-19 | Ian Herwono | Provision of secure communications connection using third party authentication |
CN101719825A (en) * | 2009-04-30 | 2010-06-02 | 中兴通讯股份有限公司 | Method and system for realizing safe bifurcation call session in IP multimedia subsystem |
US20120100833A1 (en) * | 2009-06-25 | 2012-04-26 | Zte Corporation | Access Method and System for Cellular Mobile Communication Network |
CN102034321A (en) * | 2009-09-25 | 2011-04-27 | 国民技术股份有限公司 | Authentication method and system used for wireless payment |
US20170064554A1 (en) * | 2014-04-25 | 2017-03-02 | Tendyron Corporation | Secure data interaction method and system |
US20180199205A1 (en) * | 2016-01-29 | 2018-07-12 | Tencent Technology (Shenzhen) Company Limited | Wireless network connection method and apparatus, and storage medium |
CN105897416A (en) * | 2016-06-29 | 2016-08-24 | 邓月霞 | Forward end-to-end safe instant communication method based on identity-based password system |
CN106411528A (en) * | 2016-10-17 | 2017-02-15 | 重庆邮电大学 | Lightweight authentication key negotiation method based on implicit certificate |
CN107360571A (en) * | 2017-09-08 | 2017-11-17 | 哈尔滨工业大学深圳研究生院 | Anonymity in a mobile network is mutually authenticated and key agreement protocol |
Non-Patent Citations (8)
Title |
---|
SARRA JEBRI ET AL.: ""LTKA-AC: Lightweight and Trusted Key Agreement Based on IBE with Anonymous Communication"", 《2017 IEEE/ACS 14TH INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS (AICCSA)》 * |
SARRA JEBRI ET AL.: ""LTKA-AC: Lightweight and Trusted Key Agreement Based on IBE with Anonymous Communication"", 《2017 IEEE/ACS 14TH INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS (AICCSA)》, 12 March 2018 (2018-03-12) * |
ZHEN WANG ET AL.: ""Key Escrow Protocol Based on a Tripartite Authenticated Key Agreement and Threshold Cryptography"", 《IEEE ACCESS》 * |
ZHEN WANG ET AL.: ""Key Escrow Protocol Based on a Tripartite Authenticated Key Agreement and Threshold Cryptography"", 《IEEE ACCESS》, vol. 7, 10 October 2019 (2019-10-10) * |
张帆等: "移动智能终端安全即时通信方法", 《计算机应用》 * |
张帆等: "移动智能终端安全即时通信方法", 《计算机应用》, no. 02, 10 February 2017 (2017-02-10) * |
徐平等: "基于移动网络的端到端密钥协商协议", 《东北石油大学学报》 * |
徐平等: "基于移动网络的端到端密钥协商协议", 《东北石油大学学报》, no. 04, 15 August 2012 (2012-08-15) * |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112291190A (en) * | 2020-07-28 | 2021-01-29 | 国网思极网安科技(北京)有限公司 | Identity authentication method, terminal and server |
CN112291190B (en) * | 2020-07-28 | 2022-10-14 | 国网思极网安科技(北京)有限公司 | Identity authentication method, terminal and server |
CN112055019A (en) * | 2020-09-03 | 2020-12-08 | 深圳市百富智能新技术有限公司 | Method for establishing communication channel and user terminal |
CN112153583A (en) * | 2020-09-28 | 2020-12-29 | 中国电子科技集团公司第五十四研究所 | Multi-key negotiation method for encryption and decryption services |
CN112153583B (en) * | 2020-09-28 | 2022-04-01 | 中国电子科技集团公司第五十四研究所 | Multi-key negotiation method for encryption and decryption services |
CN112753203A (en) * | 2020-10-30 | 2021-05-04 | 华为技术有限公司 | Secure communication method and device |
CN112753203B (en) * | 2020-10-30 | 2022-07-12 | 华为技术有限公司 | Secure communication method and device |
CN112332978A (en) * | 2020-11-10 | 2021-02-05 | 上海商米科技集团股份有限公司 | Remote key injection method based on key agreement |
CN112332978B (en) * | 2020-11-10 | 2022-09-20 | 上海商米科技集团股份有限公司 | Remote key injection method based on key agreement |
CN113810382A (en) * | 2021-08-24 | 2021-12-17 | 东北大学秦皇岛分校 | Cipher text loading method for resisting SGX side channel attack |
Also Published As
Publication number | Publication date |
---|---|
CN110912686B (en) | 2023-05-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110380852B (en) | Bidirectional authentication method and communication system | |
CN110912686B (en) | Method and system for negotiating secret key of security channel | |
CN108599925B (en) | Improved AKA identity authentication system and method based on quantum communication network | |
CN113612605B (en) | Method, system and equipment for enhancing MQTT protocol identity authentication by using symmetric cryptographic technology | |
US7707412B2 (en) | Linked authentication protocols | |
EP2320621B1 (en) | Method for establishing cryptographic communications between a remote device and a medical device and system for carrying out the method | |
US7607012B2 (en) | Method for securing a communication | |
JP5579872B2 (en) | Secure multiple UIM authentication and key exchange | |
JP2019533384A (en) | Data transmission method, apparatus and system | |
US20070083766A1 (en) | Data transmission links | |
US20030210789A1 (en) | Data transmission links | |
CN101409619B (en) | Flash memory card and method for implementing virtual special network key exchange | |
CN108650227A (en) | Handshake method based on datagram secure transfer protocol and system | |
JP2005515701A6 (en) | Data transmission link | |
CN110020524B (en) | Bidirectional authentication method based on smart card | |
CN111756529B (en) | Quantum session key distribution method and system | |
CN106788989A (en) | A kind of method and apparatus for setting up safe encryption channel | |
CN111756528B (en) | Quantum session key distribution method, device and communication architecture | |
CN114172745A (en) | Internet of things security protocol system | |
CN108259486B (en) | End-to-end key exchange method based on certificate | |
CN114362946B (en) | Key agreement method and system | |
CN113676448B (en) | Offline equipment bidirectional authentication method and system based on symmetric key | |
CN113014376B (en) | Method for safety authentication between user and server | |
KR100456624B1 (en) | Authentication and key agreement scheme for mobile network | |
CN101547091A (en) | Method and device for transmitting information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |