CN111600704B - SM2-based key exchange method, system, electronic equipment and storage medium - Google Patents

Info

Publication number
CN111600704B
Authority
CN
China
Prior art keywords
key
information
electronic device
generating
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010398070.2A
Other languages
Chinese (zh)
Other versions
CN111600704A (en
Inventor
黄海泉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Holding Co Ltd
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Holding Co Ltd
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Holding Co Ltd, Jingdong Technology Information Technology Co Ltd
Priority to CN202010398070.2A
Publication of CN111600704A
Application granted
Publication of CN111600704B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3221 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The disclosure provides an SM2-based key exchange method, a server, a terminal device, a system, an electronic device and a storage medium, which relate to the technical field of computers, in particular to artificial intelligence and blockchain technology. The method comprises: receiving random information sent by a second electronic device; receiving key information sent by a device participating in the key exchange; generating a first key component according to the random information, the key fragment of the first electronic device and a preset public key; generating proof information according to the first key component; and sending the first key component and the proof information to the second electronic device. On the one hand, generating from the first key component the proof information used to verify the identity of the first electronic device prevents theft and attacks, and thereby ensures the security of user information; on the other hand, having the first electronic device and the second electronic device carry out the key exchange jointly improves the security and reliability of the key exchange.

Description

SM2-based key exchange method, system, electronic equipment and storage medium
Technical Field
The disclosure relates to the field of computer technology, in particular to artificial intelligence and blockchain technology, and especially relates to an SM2-based key exchange method, a server, a terminal device, a system, an electronic device and a storage medium.
Background
With the development of internet technology, the security and reliability of information transmission and storage have become a focus of attention.
In the prior art, the server or terminal device typically stores and uses the private key in the form of software. For example, if the private key is stored in its entirety on the server or the terminal device, and key exchange with other devices is performed from that server or terminal device, an attacker can obtain the private key through privilege escalation and perform key exchange with that private key.
However, in the process of implementing the present application, the inventors found that at least the following problem exists: when key exchange is performed through the terminal device or through the server, the terminal device or the server is easily impersonated by another device, and the related information of the devices participating in the key exchange is stolen.
Disclosure of Invention
The disclosure provides an SM2-based key exchange method, a server, a terminal device, a system, an electronic device and a storage medium, to solve the prior-art problem that the terminal device or the server is easily impersonated by another device, so that the related information of the devices participating in the key exchange is stolen.
In one aspect, an embodiment of the present disclosure provides an SM2-based key exchange method, applied to a first electronic device, the method including:
receiving random information sent by a second electronic device;
receiving key information sent by a device participating in the key exchange;
generating a first key component according to the random information, the key fragment of the first electronic device and a preset public key, wherein the first electronic device and the second electronic device have mutually independent key fragments and share the public key;
generating proof information according to the first key component, the proof information being used to verify the identity of the first electronic device;
sending the first key component and the proof information to the second electronic device.
In some embodiments, generating the proof information according to the first key component comprises:
generating the proof information by a zero-knowledge proof algorithm pre-negotiated with the second electronic device.
In some embodiments, the zero-knowledge proof algorithm comprises a proof model, and generating the proof information by the zero-knowledge proof algorithm pre-negotiated with the second electronic device comprises:
acquiring the proof model;
and performing a calculation on the first key component according to the proof model to generate the proof information, wherein the proof information comprises parameters to be verified and verification parameters.
In some embodiments, generating the first key component according to the random information, the key fragment of the first electronic device and the preset public key includes:
generating an integer-type parameter according to the key information and the random information;
and generating the first key component according to the integer-type parameter, the key fragment of the first electronic device, the key information and the public key.
In some embodiments, the integer-type parameter includes a first integer-type parameter of the random information and a second integer-type parameter of the key information, and generating the first key component according to the random information, the key fragment of the first electronic device and the preset public key includes:
generating a private key parameter of the first electronic device according to the first integer-type parameter and the key fragment of the first electronic device;
generating a public key parameter of the first electronic device according to the second integer-type parameter, the key information and the public key;
and generating the first key component according to the private key parameter of the first electronic device and the public key parameter of the first electronic device.
In another aspect, an embodiment of the disclosure also provides an SM2-based key exchange method, applied to a second electronic device, the method including:
generating random information according to a preset base point;
transmitting the random information to a first electronic device;
receiving a first key component sent by the first electronic device and proof information corresponding to the first key component, wherein the proof information is used for verifying the identity of the first electronic device;
verifying the identity of the first electronic device according to the proof information;
if the verification is successful, generating a key of the device participating in the key exchange according to the random information, the key information and the first key component.
In some embodiments, verifying the identity of the first electronic device according to the proof information comprises:
verifying by a zero-knowledge proof algorithm pre-negotiated with the first electronic device.
In some embodiments, the zero-knowledge proof algorithm includes a proof model, the proof information includes parameters to be verified and verification parameters, and verifying by the zero-knowledge proof algorithm pre-negotiated with the first electronic device includes:
acquiring the proof model;
performing a calculation on the proof parameters according to the proof model;
if the calculated result is the same as the parameter to be verified, the verification is successful.
In some embodiments, generating the key of the device participating in the key exchange according to the random information, the key information and the first key component comprises:
generating an integer-type parameter according to the key information and the random information;
generating a second key component according to the integer-type parameter, the key fragment of the second electronic device, the key information and a preset public key, wherein the second electronic device and the first electronic device have mutually independent key fragments and share the public key;
and generating the key of the device participating in the key exchange according to the second key component, the first key component, the hash value of the first electronic device and the hash value of the device participating in the key exchange.
In some embodiments, the integer-type parameter includes a first integer-type parameter of the random parameter and a second integer-type parameter of the key information, and generating the second key component according to the integer-type parameter, the key fragment of the second electronic device, the key information and the preset public key includes:
generating a private key parameter of the second electronic device according to the first integer-type parameter and the key fragment of the second electronic device;
generating a public key parameter of the second electronic device according to the second integer-type parameter, the key information and the public key;
and generating the second key component according to the private key parameter of the second electronic device and the public key parameter of the second electronic device.
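The two-device flow summarised above, worked through as an added Python example (not code from the patent): the first device produces a key component with a proof, and the second device verifies the proof before adding its own component. This part of the text gives no formulas, so the additive split d = d1 + d2 mod n, the published fragment point P1 = [d1]G, the Chaum-Pedersen equality-of-discrete-logs proof used as the zero-knowledge proof, and SHA-256 standing in for SM3 are assumptions, and all function names are illustrative.

```python
import hashlib
import secrets

# SM2 recommended curve y^2 = x^3 + ax + b over F_p (cofactor 1).
P = 2**256 - 2**224 - 2**96 + 2**64 - 1
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)
W = 127  # SM2 key agreement: w = ceil(ceil(log2 n) / 2) - 1

def on_curve(pt):
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def add(p1, p2):
    """Affine addition; None is the point at infinity. Not constant-time."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def neg(pt):
    return None if pt is None else (pt[0], -pt[1] % P)

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def xbar(pt):
    """SM2 integer-type parameter of a point: 2^w + (x mod 2^w)."""
    return (1 << W) + (pt[0] & ((1 << W) - 1))

def challenge(*points):
    h = hashlib.sha256()  # assumption: SHA-256 stands in for SM3
    for x, y in points:
        h.update(x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N

def first_device_component(d1, P1, Q):
    """First key component U1 = [d1]Q plus a proof that log_G(P1) == log_Q(U1)."""
    U1, k = mul(d1, Q), rand_scalar()
    c = challenge(G, Q, P1, U1, mul(k, G), mul(k, Q))
    return U1, (c, (k + c * d1) % N)

def verify_component(P1, Q, U1, proof):
    c, s = proof
    if not on_curve(U1) or not 0 <= s < N:   # reject off-curve or malformed input
        return False
    K1 = add(mul(s, G), neg(mul(c, P1)))
    K2 = add(mul(s, Q), neg(mul(c, U1)))
    if K1 is None or K2 is None:
        return False
    return c == challenge(G, Q, P1, U1, K1, K2)  # recomputed value vs. received one

def second_device_combine(d2, r, R, P1, Q, U1, proof):
    """Refuse to use an unproven component; otherwise add the second component."""
    if not verify_component(P1, Q, U1, proof):
        return None
    return add(U1, mul((d2 + xbar(R) * r) % N, Q))

def demo(tamper=False):
    """Constructed run: user A's key is split over two devices, peer B is unsplit."""
    d, d1 = rand_scalar(), rand_scalar()
    d2 = (d - d1) % N                    # independent fragments, d = d1 + d2 mod n
    PA, P1 = mul(d, G), mul(d1, G)       # shared public key, fragment point
    dB, rB = rand_scalar(), rand_scalar()
    PB, RB = mul(dB, G), mul(rB, G)      # key information sent by peer B
    r = rand_scalar()
    R = mul(r, G)                        # random information from the second device
    Q = add(PB, mul(xbar(RB), RB))       # public key parameter
    U1, proof = first_device_component(d1, P1, Q)
    if tamper:                           # component from a device that lacks d1
        U1 = mul(rand_scalar(), Q)
    U = second_device_combine(d2, r, R, P1, Q, U1, proof)
    V = mul((dB + xbar(RB) * rB) % N, add(PA, mul(xbar(R), R)))  # peer's own result
    return U, V
```

demo() returns the agreement point computed by the split side and by the peer; with tamper=True the second device returns None instead of combining a component whose proof does not verify.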
In another aspect, an embodiment of the present disclosure further provides a server, including:
a first receiving module, used for receiving random information sent by the terminal device and receiving key information sent by a device participating in the key exchange;
a first generation module, used for generating a first key component according to the random information, the key fragment of the server and a preset public key, and generating proof information according to the first key component, wherein the server and the terminal device have mutually independent key fragments and share the public key, and the proof information is used for verifying the identity of the server;
and a first sending module, used for sending the first key component and the proof information to the terminal device.
In some embodiments, the first generation module is configured to generate the proof information by a zero-knowledge proof algorithm pre-negotiated with the terminal device.
In some embodiments, the zero-knowledge proof algorithm includes a proof model, and the first generation module is configured to obtain the proof model, perform a calculation on the first key component according to the proof model, and generate the proof information, where the proof information includes parameters to be verified and verification parameters.
In some embodiments, the first generation module is configured to generate an integer-type parameter according to the key information and the random information, and generate the first key component according to the integer-type parameter, the key fragment of the server, the key information, and the public key.
In some embodiments, the integer-type parameter includes a first integer-type parameter of the random information and a second integer-type parameter of the key information, and the first generation module is configured to generate a private key parameter of the server according to the first integer-type parameter and the key fragment of the server, generate a public key parameter of the server according to the second integer-type parameter, the key information, and the public key, and generate the first key component according to the private key parameter of the server and the public key parameter of the server.
In another aspect, an embodiment of the disclosure also provides a terminal device, which includes:
a second generation module, used for generating random information according to a preset base point;
a second sending module, used for sending the random information to a server;
a second receiving module, used for receiving the first key component sent by the server and the proof information corresponding to the first key component, wherein the proof information is used for verifying the identity of the server;
a verification module, used for verifying the identity of the server according to the proof information;
and the second generation module is further used for generating a key of the device participating in the key exchange according to the random information, the key information and the first key component if the verification is successful.
In some embodiments, the verification module is configured to verify by a zero-knowledge proof algorithm pre-negotiated with the server.
In some embodiments, the zero-knowledge proof algorithm includes a proof model, the proof information includes a parameter to be verified and a verification parameter, and the verification module is configured to obtain the proof model and perform a calculation on the proof parameter according to the proof model; if the result of the calculation is the same as the parameter to be verified, the verification is successful.
In some embodiments, the second generation module is configured to generate an integer-type parameter according to the key information and the random information, generate a second key component according to the integer-type parameter, the key fragment of the terminal device, the key information, and a preset public key, and generate a key of the device participating in the key exchange according to the second key component, the first key component, a hash value of the server device, and a hash value of the device participating in the key exchange, where the terminal device and the server have mutually independent key fragments and share the public key.
In some embodiments, the integer-type parameter includes a first integer-type parameter of the random parameter and a second integer-type parameter of the key information, and the second generation module is configured to generate a private key parameter of the terminal device according to the first integer-type parameter and the key fragment of the terminal device, generate a public key parameter of the terminal device according to the second integer-type parameter, the key information, and the public key, and generate the second key component according to the private key parameter of the terminal device and the public key parameter of the terminal device.
In another aspect, an embodiment of the present disclosure further provides a key exchange system, including: the server as in any one of the embodiments above and the terminal device as in any one of the embodiments above.
In another aspect, an embodiment of the present disclosure further provides an electronic device, including: a memory, a processor;
the memory is used for storing the processor executable instructions;
wherein the processor, when executing the instructions in the memory, is configured to implement the method as described in any of the embodiments above.
In another aspect, embodiments of the present disclosure also provide a computer-readable storage medium having stored therein computer-executable instructions that, when executed by a processor, are configured to implement a method as in any of the embodiments above.
The disclosure provides an SM2-based key exchange method, a server, a terminal device, a system, an electronic device and a storage medium, comprising: receiving random information sent by a second electronic device; receiving key information sent by a device participating in the key exchange; generating a first key component according to the random information, the key information, the key fragment of the first electronic device and a preset public key, wherein the first electronic device and the second electronic device have mutually independent key fragments and share the public key; generating proof information according to the first key component, the proof information being used for verifying the identity of the first electronic device; and sending the first key component and the proof information to the second electronic device. On the other hand, having the first electronic device and the second electronic device carry out the key exchange jointly improves the security and reliability of the key exchange.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a schematic diagram of an application scenario of an SM2-based key exchange method according to an embodiment of the present application;
Fig. 2 is a flow chart of an SM2-based key exchange method according to an embodiment of the present application;
Fig. 3 is an interaction schematic diagram of an SM2-based key exchange method according to an embodiment of the present application;
Fig. 4 is a flow chart of an SM2-based key exchange method according to another embodiment of the present application;
Fig. 5 is a flow chart of an SM2-based key exchange method according to another embodiment of the present application;
Fig. 6 is a schematic diagram of a server according to an embodiment of the present application;
Fig. 7 is a schematic diagram of a terminal device according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Specific embodiments of the present disclosure have been shown by way of the above drawings and will be described in more detail below. These drawings and the written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the disclosed concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
Referring to Fig. 1, Fig. 1 is a schematic diagram of an application scenario of an SM2-based key exchange method according to an embodiment of the present application.
As shown in Fig. 1, user A may perform a key exchange with user B. In the embodiment shown in Fig. 1, user A may be the initiator that initiates the key exchange, and user B may be the responder that responds to the key exchange.
It is noted that Fig. 1 is for exemplary purposes only and is not to be construed as limiting the initiator and responder. For example, in other embodiments, user B may be the initiator that initiates the key exchange, and user A may be the responder that responds to the key exchange.
As can be seen from the figure, user A may generate, together with the server AS, a key RA for exchanging keys with user B. Similarly, user B may generate a key RB for key exchange with user A via client BC and server BS together.
The client AC is an application program installed on the terminal device by user A, and the client BC is a service program installed on the terminal device by user B, so that data interaction between user A and user B is realized.
When the SM2-based key exchange method in the embodiment of the present application is applied to the application scenario shown in Fig. 1, taking user A as an example, the client AC may first generate a component of the key to be exchanged and prove it, and then the server AS generates the complete key RA to be exchanged. Of course, it is also possible for the server AS to first generate a component of the key to be exchanged and prove it, and then for the client AC to generate the complete key RA to be exchanged. The specific principles are described below and are not repeated here.
Similarly, taking user B as an example, the client BC may first generate a component of the key to be exchanged and prove it, and then the server BS may generate the complete key RB to be exchanged. Of course, the server BS may first generate a component of the key to be exchanged and prove it, and then the client BC may generate the complete key RB to be exchanged.
The client AC and/or the client BC may be terminal devices, and a terminal device may be a wireless terminal or a wired terminal. A wireless terminal may be a device that provides voice and/or other traffic data connectivity to a user, a handheld device with wireless connectivity, or another processing device connected to a wireless modem. The wireless terminal may communicate with one or more core network devices via a radio access network (RAN), and may be a mobile terminal such as a mobile phone (or "cellular" phone) or a computer with a mobile terminal, for example a portable, pocket, hand-held, computer-built-in or vehicle-mounted mobile device that exchanges voice and/or data with the radio access network. For another example, the wireless terminal may be a personal communication service (PCS) phone, a cordless phone, a session initiation protocol (SIP) phone, a wireless local loop (WLL) station, a personal digital assistant (PDA) or the like. A wireless terminal may also be referred to as a system, subscriber unit, subscriber station, mobile station, mobile, remote station, remote terminal, access terminal, user terminal, user agent, or user equipment (user device), without limitation. Optionally, the terminal device may also be a device such as a smart watch or a tablet computer.
Key exchange refers to exchanging a key of one electronic device with a key of another electronic device. In the related art, the key exchange is generally performed directly between two electronic devices, for example, by two terminal devices having a key exchange requirement, or by two servers having a key exchange requirement.
However, when two terminal devices with a key exchange requirement perform the key exchange, or when two servers with a key exchange requirement perform the key exchange, the private key of one of the electronic devices may be stolen and a forged exchange carried out, so that the related information of the electronic devices participating in the key exchange is also stolen.
To solve the problems of key exchange carried out by two terminal devices having a key exchange requirement, or by two servers having a key exchange requirement, the inventors of the present application, after creative work, arrived at the inventive concept of the present application: for any party having a key exchange requirement, the key used for key exchange is generated jointly by two electronic devices (a terminal device and a server, as in the above examples), and the identity of the electronic device that acts first is verified.
The following describes the technical solutions of the present disclosure and how the technical solutions of the present application solve the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present disclosure will be described below with reference to the accompanying drawings.
According to an aspect of the embodiments of the present application, the embodiments of the present application provide an SM 2-based key exchange method, which may be applied to a first electronic device.
Referring to fig. 2, fig. 2 is a flow chart of an SM 2-based key exchange method according to an embodiment of the present application.
As shown in fig. 2, the method includes:
s101: and receiving random information sent by the second electronic equipment.
The execution body of the embodiment of the present application may be a first electronic device, and the first electronic device may be a terminal device, and of course, the first electronic device may also be a server.
For example, in the application scenario shown in fig. 1, the first electronic device may be a client AC or a client BC, and the second electronic device may be a server AS or a server BS; of course, the first electronic device may be the server AS or the server BS, and the second electronic device may be the client AC or the client BC.
S102: key information sent by devices participating in the key exchange is received.
S103: generating a first key component according to the random information, the key fragments of the first electronic device and the preset public key, wherein the first electronic device and the second electronic device are provided with the key fragments which are mutually independent and the shared public key.
That is, before the SM 2-based key exchange method in the embodiment of the present application is executed, a private key fragment may be configured for the first electronic device, and the private key fragment configured for the first electronic device is referred to as a first private key fragment, and a private key fragment may be configured for the second electronic device, and the private key fragment configured for the second electronic device is referred to as a second private key fragment.
In some embodiments, the first private key fragment is generated based on the second private key fragment and a private key of a preset public-private key pair. It is also understood that the first private key fragment and the second private key fragment may be configured according to the private keys of the public-private key pair, respectively.
In the embodiment of the application, the first key component is generated by the first electronic device. This avoids the defect in the related art that, because the first electronic device directly generates the complete key for exchange, the electronic device exchanging keys with it is easily attacked when the key of the first electronic device is stolen, and thereby improves the security and reliability of the key exchange.
S104: Generating demonstration information according to the first key component, wherein the demonstration information is used for verifying the identity of the first electronic device.
This step may specifically include: proving the first key component to generate the demonstration information.
That is, in the embodiment of the present application, when the first key component is generated, the first key component is also proved, which can be understood as proving the authenticity of the identity of the first electronic device. This avoids the problem that, when the information of the first electronic device is stolen and used for key exchange, the user's information (including the user's personal information, finance-related information and the like) is stolen, thereby achieving theft prevention and attack prevention and ensuring the security of user information.
S105: The first key component and the demonstration information are transmitted to the second electronic device.
That is, in the embodiment of the present application, after the first electronic device generates the first key component and generates the argument information of the first key component, the first electronic device may send the first key component and the argument information to the second electronic device, so that the second electronic device verifies the identity of the first electronic device and generates the complete key for key exchange.
Based on the above analysis, the embodiment of the application provides an SM2-based key exchange method, which can be applied to a first electronic device. The method includes: receiving random information sent by the second electronic device; receiving key information sent by a device participating in the key exchange; generating a first key component according to the random information, the key information, the key fragment of the first electronic device and a preset public key, wherein the first electronic device and the second electronic device have mutually independent key fragments and a shared public key; generating demonstration information for proving the first key component; and sending the first key component and the demonstration information to the second electronic device. On the one hand, because the demonstration information is generated together with the first key component, the problem of user information (including the user's personal information, finance-related information and the like) being stolen when the key fragment of the first electronic device is used for key exchange is avoided, which achieves the technical effects of theft prevention and attack prevention and ensures the security of user information. On the other hand, because the first electronic device and the second electronic device jointly implement the key exchange, the security and reliability of the key exchange are improved.
In order for the reader to understand the SM2-based key exchange method of the embodiments of the present application more thoroughly, the method will now be described in more detail with reference to fig. 3. Fig. 3 is an interaction schematic diagram of an SM2-based key exchange method according to an embodiment of the present application.
In fig. 3, we take a first electronic device as a server and a second electronic device as a terminal device as an example.
As shown in fig. 3, the method includes:
S1: The terminal device generates a first random number R_AC according to a base point G on an elliptic curve of the SM2 algorithm and sends it to the server (i.e., the random information received by the first electronic device in the example above).
S2: the server receives key information sent by devices participating in the key exchange.
In some embodiments, this step may specifically include: receiving a first elliptic curve point R_B transmitted by a device participating in the key exchange.
S3: the server generates a first key component according to the random information, the key information, the first key fragment and a preset public key, and the server and the terminal equipment are provided with mutually independent key fragments and shared public keys.
In some embodiments, S3 may specifically include: and generating an integer type parameter according to the key information and the random information, and generating a first key component according to the integer type parameter, the first key fragment, the key information and the public key.
In some embodiments, the integer-type parameter comprises a first integer-type parameter of the random information and a second integer-type parameter of the key information, and generating the first key component based on the random information, the key information, the first key fragment, and the predetermined public key comprises: generating a private key parameter of a server according to the parameter of the first integer type and the first key fragment, generating a public key parameter of the server according to the parameter of the second integer type, the key information and the public key, and generating a first key component according to the private key parameter of the server and the public key parameter of the server.
In some embodiments, this step may specifically include: generating a second random number R_AS according to the first random number R_AC and the base point G on the elliptic curve of the SM2 algorithm; generating a third elliptic curve point R_A according to the first random number R_AC and the second random number R_AS; and generating a second elliptic curve point U_AS according to the third elliptic curve point R_A, the first elliptic curve point R_B, the first key fragment d_AS and the public key.
In some embodiments, generating the second elliptic curve point U_AS according to the third elliptic curve point R_A, the first elliptic curve point R_B, the key fragment d_AS of the server and the public key specifically includes: generating an integer type parameter according to the first elliptic curve point R_B and the third elliptic curve point R_A; and generating the second elliptic curve point U_AS according to the integer type parameter, the key fragment d_AS, the first elliptic curve point R_B and the public key.
In some embodiments, the integer type parameter includes a first integer type parameter of the third elliptic curve point R_A and a second integer type parameter of the first elliptic curve point R_B, and generating the second elliptic curve point U_AS according to the integer type parameter, the first key fragment d_AS, the first elliptic curve point R_B and the public key comprises: generating a private key parameter of the server according to the first integer type parameter and the first key fragment d_AS; generating a public key parameter of the server according to the second integer type parameter, the first elliptic curve point R_B and the public key; and generating the second elliptic curve point U_AS according to the private key parameter and the public key parameter of the server.
S4: the server generates demonstration information according to the first key component, wherein the demonstration information is used for verifying the identity of the server.
In some embodiments, this step may specifically include: the demonstration information is generated by a zero knowledge proof algorithm pre-negotiated with the terminal device.
In some embodiments, generating the demonstration information by means of a zero knowledge proof algorithm pre-negotiated with the terminal device may specifically include: acquiring a demonstration model preset with the terminal device, and calculating the first key component according to the demonstration model to generate the demonstration information, wherein the demonstration information comprises parameters to be verified and verification parameters.
That is, the server and the terminal device may set the demonstration model in advance. Because the server and the terminal device preset the argumentation model, when the server generates the first key component, the first key component can be calculated based on the argumentation model to generate argumentation information including the parameters to be verified and the verification parameters.
S5: the server transmits the first key component and the argument information to the terminal device.
Based on the above example, this step may specifically include: transmitting the first elliptic curve point R_B, the second random number R_AS, the second elliptic curve point U_AS and the demonstration information to the terminal device.
S6: The terminal device verifies the identity of the server according to the demonstration information.
In some embodiments, this step may specifically include: authentication is performed by a zero knowledge proof algorithm pre-negotiated with the server.
In some embodiments, the demonstration information includes parameters to be verified and verification parameters, and the verification performed by the zero knowledge proof algorithm pre-negotiated with the server may specifically include: acquiring a demonstration model preset with the server, and calculating the demonstration parameters according to the demonstration model; if the calculated result is the same as the parameter to be verified, the verification succeeds.
S7: if the verification is successful, the terminal equipment generates a secret key of the equipment participating in the secret key exchange according to the random information, the secret key information and the first secret key component.
It should be noted that the calculated result may be the same as or different from the parameter to be verified. If the calculated result is the same as the parameter to be verified, the verification succeeds; if it is different, the verification fails, the server may be a pseudo server for stealing the user information, and the process ends.
In some embodiments, S7 may specifically include: generating an integer type parameter according to the key information and the random information, generating a second key component according to the integer type parameter, the second key fragment, the key information and a preset public key, and generating a key of the equipment participating in the key exchange according to the second key component, the first key component, the hash value of the server and the hash value of the equipment participating in the key exchange.
Based on the above example, this step may specifically include: generating a third elliptic curve point R_A according to the first random number R_AC and the second random number R_AS; generating an integer type parameter according to the first elliptic curve point R_B and the third elliptic curve point R_A; generating a fourth elliptic curve point U_A according to the integer type parameter, the second key fragment d_AC, the first elliptic curve point R_B and a preset public key; and generating a key of the device participating in the key exchange according to the fourth elliptic curve point U_A, the hash value of the server and the hash value of the device participating in the key exchange.
In some embodiments, the integer-type parameter comprises a first integer-type parameter of the random parameter, a second integer-type parameter of the key information, and generating the second key component based on the integer-type parameter, the second key fragment, the key information, and the predetermined public key comprises: generating a private key parameter of the terminal equipment according to the parameter of the first integer type and the second key fragment, generating a public key parameter of the terminal equipment according to the parameter of the second integer type, the key information and the public key, and generating a second key component according to the private key parameter of the terminal equipment and the public key parameter of the terminal equipment.
Based on the above example, this step may specifically include: generating a private key parameter of the terminal device according to the first integer type parameter and the second key fragment d_AC; generating a public key parameter of the terminal device according to the second integer type parameter, the first elliptic curve point R_B and the public key; and generating a fourth elliptic curve point U_A according to the private key parameter and the public key parameter of the terminal device.
Illustratively, in some embodiments, the first private key fragment d_C and the second private key fragment d_S can be determined based on d_C + d_S = d + n, where d is the private key in the public-private key pair and n is a parameter set based on requirements, experience, and experimentation, e.g., n can be set to 1.
That is, in the embodiment of the present application, on the one hand, the terminal device and the server jointly implement the key exchange, which avoids the defect that the key used for exchange can be forged when the terminal device alone or the server alone performs the key exchange, and thus ensures the security of user information (including the user's personal information and finance-related information). On the other hand, in the process of generating the key for key exchange, the preceding electronic device (the server in this embodiment) proves the related information, such as the first key component, so that the accuracy of the server can be further ensured and the problem of user information being stolen when the information of the server is stolen and used for key exchange is avoided, thereby achieving the technical effects of theft prevention and attack prevention.
It is noted that the example shown in fig. 3 is for exemplary illustration only and is not to be construed as a specific limitation on the first electronic device and the second electronic device. That is, in some embodiments, the first electronic device may be the server shown in fig. 3 and the second electronic device may be the terminal device shown in fig. 3; in other embodiments, the first electronic device may be the terminal device shown in fig. 3 and the second electronic device may be the server shown in fig. 3, in which case the implementation principle is the same as in the above example and is not repeated here.
According to another aspect of the embodiments of the present application, the embodiments of the present application further provide an SM2-based key exchange method, which may be applied to a second electronic device.
Referring to fig. 4, fig. 4 is a flowchart of an SM2-based key exchange method according to another embodiment of the present application.
As shown in fig. 4, the method includes:
S201: Generating random information according to the preset base point.
The execution body of the embodiment of the present application may be a second electronic device, and the second electronic device may be a terminal device, and of course, the second electronic device may also be a server.
For example, in the application scenario shown in fig. 1, the second electronic device may be a client AC or a client BC, and the first electronic device may be a server AS or a server BS; of course, the second electronic device may be the server AS or the server BS, and the first electronic device may be the client AC or the client BC.
S202: the random information is sent to the first electronic device.
S203: Receiving the first key component and the demonstration information corresponding to the first key component, wherein the demonstration information is used for verifying the identity of the first electronic device.
S204: Verifying the identity of the first electronic device according to the demonstration information.
S205: If the verification is successful, generating a key of the device participating in the key exchange according to the random information, the key information and the first key component.
When the second electronic device performs the verification, the result may be success or failure. If the verification succeeds, the first electronic device is not a pseudo electronic device, and the second electronic device generates the key of the device participating in the key exchange according to the random information, the key information and the first key component. If the verification fails, the first electronic device is highly likely to be a pseudo electronic device, and the process ends, so as to avoid the second electronic device being attacked and to avoid problems such as loss of user information caused by an attack on the devices participating in the key exchange.
Based on the above analysis, the embodiment of the application provides an SM2-based key exchange method, which can be applied to a second electronic device. The method includes: generating random information according to a preset base point; sending the random information to the first electronic device; receiving a first key component sent by the first electronic device and demonstration information corresponding to the first key component, wherein the demonstration information is used for verifying the identity of the first electronic device; verifying the identity of the first electronic device according to the demonstration information; and, if the verification is successful, generating a key of the device participating in the key exchange according to the random information, the key information and the first key component. On the one hand, because the first electronic device and the second electronic device jointly generate the key for key exchange, the reliability and security of the key exchange are improved. On the other hand, because the identity of the first electronic device is verified using the demonstration information and the second electronic device generates the complete key for key exchange only when the verification succeeds, the second electronic device and the devices participating in the key exchange are protected from attack, problems such as loss of user information are avoided, and the security and reliability of the key exchange are improved.
In some embodiments, S204 comprises: verification is performed by means of a zero knowledge proof algorithm pre-negotiated with the first electronic device.
In order to give the reader a deeper understanding of the SM2-based key exchange method according to the embodiments of the present application, the method will be described in detail with reference to fig. 5. Fig. 5 is a flow chart of an SM2-based key exchange method according to another embodiment of the present application.
As shown in fig. 5, the method includes:
S301: Generating random information according to the preset base point.
The description of S301 may refer to S201, and will not be repeated here.
S302: the random information is sent to the first electronic device.
S303: Receiving the first key component and the demonstration information corresponding to the first key component, wherein the demonstration information is used for verifying the identity of the first electronic device.
S304: Acquiring a demonstration model preset with the first electronic device.
S305: Calculating the demonstration parameters according to the demonstration model.
S306: Judging whether the calculated result is the same as the parameter to be verified; if so, executing S307, and if not, ending the flow.
S307: Generating the key of the device participating in the key exchange according to the random information, the key information and the first key component.
In some embodiments, S307 comprises:
S71: Generating integer type parameters according to the key information and the random information.
S72: Generating a second key component according to the integer type parameter, the key fragment of the second electronic device, the key information and the preset public key.
In some embodiments, the parameters of the integer type include parameters of a first integer type of random parameters, parameters of a second integer type of key information, S72 comprising:
S721: Generating the private key parameter of the second electronic device according to the parameter of the first integer type and the key fragment of the second electronic device.
S722: Generating the public key parameter of the second electronic device according to the parameter of the second integer type, the key information and the public key.
S723: Generating a second key component according to the private key parameter of the second electronic device and the public key parameter of the second electronic device.
S73: Generating the key of the device participating in the key exchange according to the second key component, the first key component, the hash value of the first electronic device and the hash value of the device participating in the key exchange.
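The following added example (not code from the patent) runs the Fig. 3 interaction and the terminal-side steps S301 to S307 on the SM2 curve: the private key is split as d_AC + d_AS = d + n, the server returns U_AS with a proof, and the terminal verifies the proof and completes a point equal to the one an unmodified SM2 peer computes. Assumptions not stated on the page: R_A = R_AC + R_AS, the t and U formulas of standard SM2 key agreement (GB/T 32918.3), a Chaum-Pedersen equality proof as the pre-negotiated zero knowledge proof, a fragment public key P_AS = [d_AS]G known to the terminal, and SHA-256 standing in for SM3.

```python
import hashlib
import secrets

# SM2 recommended curve y^2 = x^3 + A*x + B over F_P; G has prime order N (cofactor 1).
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)
OFFSET = 1  # the page's "n" in d_C + d_S = d + n (not the curve order N)

def on_curve(pt):
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def add(p1, p2):  # affine addition, None is the point at infinity; not constant time
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def neg(pt):
    return None if pt is None else (pt[0], -pt[1] % P)

def xbar(pt):  # "integer type parameter" of a point, as in SM2 key agreement (w = 127)
    return (1 << 127) + (pt[0] & ((1 << 127) - 1))

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def challenge(*points):  # Fiat-Shamir challenge; SHA-256 stands in for SM3 (assumption)
    h = hashlib.sha256()
    for x, y in (pt or (0, 0) for pt in points):
        h.update(x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N

def split_key(d):
    d_ac = rand_scalar()
    return d_ac, (d + OFFSET - d_ac) % N  # d_AC + d_AS = d + OFFSET (mod N)

def server_component(d_as, r_as, R_ac, R_b, P_b):
    """S3-S5: first key component U_AS plus a proof that it was built with d_AS."""
    R_as = mul(r_as, G)
    R_a = add(R_ac, R_as)                      # assumed combination rule for R_A
    t_as = (d_as + xbar(R_a) * r_as) % N       # server private key parameter
    Q = add(P_b, mul(xbar(R_b), R_b))          # public key parameter from R_B and P_B
    U_as = mul(t_as, Q)
    k = rand_scalar()
    c = challenge(Q, mul(t_as, G), U_as, mul(k, G), mul(k, Q))
    return R_as, U_as, (c, (k + c * t_as) % N)

def terminal_finish(d_ac, r_ac, P_as, R_as, U_as, proof, R_b, P_b):
    """S6-S7: verify the proof, then add the terminal's share. None means reject."""
    if not (on_curve(R_as) and on_curve(U_as) and on_curve(R_b)):
        return None
    c, s = proof
    R_a = add(mul(r_ac, G), R_as)
    Q = add(P_b, mul(xbar(R_b), R_b))
    T_as = add(P_as, mul(xbar(R_a), R_as))     # [t_AS]G rebuilt from public values only
    k_g = add(mul(s, G), neg(mul(c, T_as)))
    k_q = add(mul(s, Q), neg(mul(c, U_as)))
    if challenge(Q, T_as, U_as, k_g, k_q) != c:
        return None
    t_ac = (d_ac - OFFSET + xbar(R_a) * r_ac) % N  # terminal private key parameter
    return add(U_as, mul(t_ac, Q))                 # U_A = [d_A + xbar(R_A) * r_A]Q

def derive_key(U, z_a, z_b):  # one-shot SHA-256 in place of the SM3-based KDF
    return hashlib.sha256(b"".join(v.to_bytes(32, "big") for v in U) + z_a + z_b).digest()

def demo():
    d_a, d_b, r_b, r_ac, r_as = (rand_scalar() for _ in range(5))  # constructed values
    d_ac, d_as = split_key(d_a)
    P_a, P_b, P_as, R_b, R_ac = (mul(k, G) for k in (d_a, d_b, d_as, r_b, r_ac))
    R_as, U_as, proof = server_component(d_as, r_as, R_ac, R_b, P_b)
    U_a = terminal_finish(d_ac, r_ac, P_as, R_as, U_as, proof, R_b, P_b)
    # Peer B runs unmodified SM2 key agreement against R_A and the full public key P_A.
    R_a = add(R_ac, R_as)
    V_b = mul((d_b + xbar(R_b) * r_b) % N, add(P_a, mul(xbar(R_a), R_a)))
    # A pseudo server that does not hold d_AS yields a proof the terminal rejects.
    fake = server_component(rand_scalar(), r_as, R_ac, R_b, P_b)
    rejected = terminal_finish(d_ac, r_ac, P_as, *fake, R_b, P_b) is None
    return derive_key(U_a, b"ZA", b"ZB"), derive_key(V_b, b"ZA", b"ZB"), rejected
```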
According to another aspect of the embodiment of the present application, there is further provided a server for performing the method shown in fig. 2.
Referring to fig. 6, fig. 6 is a schematic diagram of a server according to an embodiment of the present application.
As shown in fig. 6, the server includes:
a first receiving module 11, configured to receive random information sent by a terminal device, and receive key information sent by a device participating in key exchange;
a first generating module 12, configured to generate a first key component according to the random information, the key information, a key fragment of a server, and a preset public key, and generate argument information according to the first key component, where the server and the terminal device have mutually independent key fragments and the shared public key, and the argument information is used to verify an identity of the server;
a first sending module 13, configured to send the first key component and the argument information to the terminal device.
In some embodiments, the first generation module 12 is configured to generate the argument information by a zero knowledge proof algorithm pre-negotiated with the terminal device.
In some embodiments, the zero-knowledge proof algorithm includes a proof model, and the first generating module 12 is configured to obtain the proof model, calculate the first key component according to the proof model, and generate the proof information, where the proof information includes parameters to be verified and verification parameters.
In some embodiments, the first generating module 12 is configured to generate an integer type parameter according to the key information and the random information, and generate the first key component according to the integer type parameter, the key fragment of the server, the key information, and the public key.
In some embodiments, the integer-type parameters include a first integer-type parameter of the random information and a second integer-type parameter of the key information, and the first generation module 12 is configured to generate the private key parameter of the server according to the first integer-type parameter and the key fragment of the server, generate the public key parameter of the server according to the second integer-type parameter, the key information, and the public key, and generate the first key component according to the private key parameter of the server and the public key parameter of the server.
According to another aspect of the embodiments of the present application, there is further provided a terminal device for performing the method shown in fig. 4 and fig. 5.
Referring to fig. 7, fig. 7 is a schematic diagram of a terminal device according to an embodiment of the present application.
As shown in fig. 7, the terminal device includes:
A second generation module 21, configured to generate random information according to a preset base point;
a second transmitting module 22, configured to transmit the random information to a server;
a second receiving module 23, configured to receive a first key component sent by the server and argument information corresponding to the first key component, where the argument information is used to verify an identity of the server;
a verification module 24, configured to verify the identity of the server according to the demonstration information;
the second generating module 21 is configured to generate, if the verification is successful, a key of the device participating in the key exchange according to the random information, the key information and the first key component.
In some embodiments, the verification module 24 is configured to verify by a zero knowledge proof algorithm pre-negotiated with the server.
In some embodiments, the zero-knowledge proof algorithm includes a proof model, the proof information includes parameters to be verified and verification parameters, the verification module 24 is configured to obtain the proof model, calculate the proof parameters according to the proof model, and if the result of calculation is the same as the parameters to be verified, the verification is successful.
In some embodiments, the second generating module 21 is configured to generate an integer type parameter according to the key information and the random information, generate a second key component according to the integer type parameter, the key fragment of the terminal device, the key information, and a preset public key, and generate a key of the device participating in the key exchange according to the second key component, the first key component, a hash value of the server, and a hash value of the device participating in the key exchange, where the terminal device and the server have mutually independent key fragments and the shared public key.
In some embodiments, the integer-type parameter includes a first integer-type parameter of the random parameter and a second integer-type parameter of the key information, and the second generating module 21 is configured to generate a private key parameter of the terminal device according to the first integer-type parameter and the key fragment of the terminal device, generate a public key parameter of the terminal device according to the second integer-type parameter, the key information, and the public key, and generate the second key component according to the private key parameter of the terminal device and the public key parameter of the terminal device.
According to another aspect of the embodiment of the present application, there is further provided a key exchange system, which includes a server as shown in fig. 6 and a terminal device as shown in fig. 7.
According to another aspect of the embodiments of the present application, there is further provided an electronic device, including: a memory, a processor;
a memory for storing processor-executable instructions;
wherein the processor, when executing the instructions in the memory, is configured to implement the method as described in any of the embodiments above. For example, the methods shown in fig. 2, 4 and 5 are performed.
Referring to fig. 8, fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
As shown in fig. 8, the electronic device includes a memory and a processor, and may further include a communication interface and a bus, wherein the processor, the communication interface, and the memory are connected by the bus; the processor is configured to execute executable modules, such as computer programs, stored in the memory.
The memory may include a high-speed random access memory (RAM, Random Access Memory), and may further include a non-volatile memory, such as at least one magnetic disk memory. Communication connection between the system network element and at least one other network element is achieved through at least one communication interface, which may be wired or wireless, and the internet, wide area network, local network, metropolitan area network, etc. may be used.
The bus may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be divided into address buses, data buses, control buses, etc.
The memory is used for storing a program, and the processor executes the program after receiving an execution instruction, so that the method disclosed in any embodiment of the foregoing disclosure may be applied to the processor or implemented by the processor.
The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it may also be a digital signal processor (Digital Signal Processing, DSP for short), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC for short), an off-the-shelf programmable gate array (Field-Programmable Gate Array, FPGA for short) or other programmable logic device, a discrete gate or transistor logic device, or discrete hardware components. The steps of a method disclosed in connection with the embodiments of the present disclosure may be embodied directly in hardware, in a decoding processor, or in a combination of hardware and software modules in a decoding processor. The software modules may be located in a storage medium well known in the art, such as a random access memory, flash memory, read only memory, programmable read only memory, electrically erasable programmable memory, or registers. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method.
According to another aspect of the disclosed embodiments, the disclosed embodiments also provide a computer-readable storage medium having stored therein computer-executable instructions that, when executed by a processor, are configured to implement a method as described in any of the above embodiments.
The reader will appreciate that, in the description of this specification, reference to the terms "one embodiment," "some embodiments," "an example," "a particular example," or "some examples," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. In addition, the different embodiments or examples described in this specification, and the features of the different embodiments or examples, may be combined by those skilled in the art where they do not contradict each other.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the apparatus and units described above may refer to corresponding procedures in the foregoing method embodiments, which are not described herein again.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative: the division into units is merely a logical functional division, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed.
The units described as separate units may or may not be physically separate, and components shown as units may or may not be physical units; they may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purposes of the embodiments of the present disclosure.
In addition, each functional unit in each embodiment of the present disclosure may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present disclosure in essence, or the part of it contributing to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present disclosure. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
It should also be understood that, in the embodiments of the present disclosure, the sequence numbers of the processes described above do not imply an order of execution; the execution order of each process should be determined by its function and internal logic, and the sequence numbers should not constitute any limitation on the implementation of the embodiments of the present disclosure.
The foregoing is merely a specific embodiment of the present disclosure, but the protection scope of the present disclosure is not limited thereto. Any person skilled in the art can readily conceive of equivalent modifications or substitutions within the technical scope of the present disclosure, and these modifications or substitutions should be covered by the protection scope of the present disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.

Claims (13)

1. A key exchange method based on SM2, applied to a first electronic device, the method comprising:
receiving random information sent by a second electronic device;
receiving key information sent by devices participating in key exchange;
generating a first key component according to the random information, the key fragment of the first electronic device and a preset public key, wherein the first electronic device and the second electronic device hold mutually independent key fragments and share the public key;
generating argument information according to the first key component, the argument information being used to verify the identity of the first electronic device;
transmitting the first key component and the argument information to the second electronic device;
wherein the generating a first key component according to the random information, the key fragment of the first electronic device, and a preset public key includes:
generating an integer type parameter according to the key information and the random information;
and generating the first key component according to the integer type parameter, the key fragment of the first electronic device, the key information and the public key.
2. The method of claim 1, wherein the generating of the argument information from the first key component comprises:
the argument information is generated by a zero-knowledge proof algorithm pre-negotiated with the second electronic device.
3. The method of claim 2, wherein the zero-knowledge proof algorithm comprises an argument model, and wherein generating the argument information by the zero-knowledge proof algorithm pre-negotiated with the second electronic device comprises:
acquiring the argument model;
and calculating the first key component according to the argument model to generate the argument information, wherein the argument information comprises parameters to be verified and verification parameters.
4. The method of claim 1, wherein the integer-type parameters include a first integer-type parameter of the random information and a second integer-type parameter of the key information, and wherein generating the first key component from the random information, the key fragment of the first electronic device, and the predetermined public key comprises:
generating a private key parameter of the first electronic device according to the parameter of the first integer type and the key fragment of the first electronic device;
generating public key parameters of the first electronic device according to the parameters of the second integer type, the key information and the public key;
and generating the first key component according to the private key parameter of the first electronic device and the public key parameter of the first electronic device.
5. A key exchange method based on SM2, applied to a second electronic device, the method comprising:
generating random information according to a preset base point;
transmitting the random information to a first electronic device;
receiving a first key component sent by the first electronic device and argument information corresponding to the first key component, wherein the argument information is used for verifying the identity of the first electronic device;
verifying the identity of the first electronic device according to the argument information;
if the verification is successful, generating a key of the device participating in the key exchange according to the random information, the key information and the first key component;
wherein the generating a key of the device participating in the key exchange according to the random information, the key information and the first key component includes:
generating an integer type parameter according to the key information and the random information;
generating a second key component according to the integer type parameter, the key fragment of the second electronic device, the key information and a preset public key, wherein the second electronic device and the first electronic device are provided with mutually independent key fragments and shared public keys;
and generating the key of the device participating in the key exchange according to the second key component, the first key component, the hash value of the first electronic device and the hash value of the device participating in the key exchange.
6. The method of claim 5, wherein verifying the identity of the first electronic device from the argument information comprises:
verifying by a zero-knowledge proof algorithm pre-negotiated with the first electronic device.
7. The method of claim 6, wherein the zero-knowledge proof algorithm comprises an argument model, the argument information comprising parameters to be verified and verification parameters, the verifying by the zero-knowledge proof algorithm pre-negotiated with the first electronic device comprising:
acquiring the argument model;
calculating the verification parameters according to the argument model;
if the calculated result is the same as the parameter to be verified, verification is successful.
8. The method of claim 5, wherein the integer-type parameter comprises a first integer-type parameter of the random parameter, and a second integer-type parameter of the key information, and wherein generating the second key component based on the integer-type parameter, the key fragment of the second electronic device, the key information, and the predetermined public key comprises:
generating a private key parameter of the second electronic device according to the parameter of the first integer type and the key fragment of the second electronic device;
generating public key parameters of the second electronic device according to the parameters of the second integer type, the key information and the public key;
and generating the second key component according to the private key parameter of the second electronic device and the public key parameter of the second electronic device.
9. A server, the server comprising:
a first receiving module, configured to receive random information sent by a terminal device and to receive key information sent by devices participating in key exchange;
a first generation module, configured to generate a first key component according to the random information, the key fragment of the server and a preset public key, wherein the server and the terminal device hold mutually independent key fragments and share the public key;
and to generate argument information according to the first key component, the argument information being used to verify the identity of the server;
a first sending module, configured to send the first key component and the argument information to the terminal device;
wherein the first generation module is specifically configured to generate an integer type parameter according to the key information and the random information;
and to generate the first key component according to the integer type parameter, the key fragment of the terminal device, the key information and the public key.
10. A terminal device, characterized in that the terminal device comprises:
a second generation module, configured to generate random information according to a preset base point;
a second sending module, configured to send the random information to a server;
a second receiving module, configured to receive the first key component sent by the server and the argument information corresponding to the first key component;
a verification module, configured to verify the identity of the server according to the argument information;
the second generation module is further configured to generate, if the verification is successful, a key of the device participating in the key exchange according to the random information, the key information and the first key component;
wherein the second generation module is specifically configured to generate an integer type parameter according to the key information and the random information;
to generate a second key component according to the integer type parameter, the key fragment of the server, the key information and a preset public key, wherein the server and the terminal device hold mutually independent key fragments and share the public key;
and to generate the key of the device participating in the key exchange according to the second key component, the first key component, the hash value of the terminal device and the hash value of the device participating in the key exchange.
11. A key exchange system, the system comprising:
the server of claim 9;
the terminal device of claim 10.
12. An electronic device, comprising: a memory, a processor;
the memory is configured to store instructions executable by the processor;
wherein the processor, when executing the instructions in the memory, is configured to implement the method of any one of claims 1 to 4; or,
the processor is configured to implement the method of any one of claims 5 to 8.
13. A computer-readable storage medium having stored therein computer-executable instructions which, when executed by a processor, are adapted to carry out the method of any one of claims 1 to 4; or,
the processor is configured to implement the method of any one of claims 5 to 8.
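
The proof-and-verify step of claims 2-3 and 6-7, as an added example that is not taken from the patent: a Chaum-Pedersen equality proof made non-interactive with Fiat-Shamir, over the SM2 recommended curve. Assumptions of this example: the first key component is modeled as `u1 = [d1]base`, the second device already holds `p1 = [d1]G` from key-fragment setup, SHA-256 stands in for SM3, and reading `c` as the "parameter to be verified" and `s` as the "verification parameter" is this example's interpretation; all function names are hypothetical.

```python
import hashlib
import secrets

# SM2 recommended curve y^2 = x^3 + A*x + B over F_P, base point G of prime order N.
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A = P - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def on_curve(pt):
    """Received points must be validated before any scalar multiplication."""
    return pt is not None and (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % P == 0

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def neg(pt):
    return (pt[0], -pt[1] % P)

def challenge(*points):
    """Fiat-Shamir challenge over the full transcript (SHA-256 in place of SM3)."""
    data = b"".join(c.to_bytes(32, "big") for pt in points for c in pt)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def first_device_respond(d1, base):
    """First device: key component u1 = [d1]base plus proof that d1 matches p1."""
    u1, p1 = mul(d1, base), mul(d1, G)
    k = secrets.randbelow(N - 1) + 1          # fresh nonce for every proof
    c = challenge(G, base, p1, u1, mul(k, G), mul(k, base))
    return u1, (c, (k + c * d1) % N)          # (c, s)

def second_device_verify(p1, base, u1, proof):
    """Second device: recompute the challenge from s and compare it with c."""
    c, s = proof
    if not (on_curve(p1) and on_curve(u1) and 0 < c < N and 0 < s < N):
        return False
    t1 = add(mul(s, G), neg(mul(c, p1)))      # equals [k]G for an honest prover
    t2 = add(mul(s, base), neg(mul(c, u1)))   # equals [k]base for an honest prover
    if t1 is None or t2 is None:
        return False
    return challenge(G, base, p1, u1, t1, t2) == c
```

Binding `base`, `p1` and `u1` into the hash ties the proof to this session's random information, so a proof captured from one exchange does not verify against another.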
CN202010398070.2A 2020-05-12 2020-05-12 SM 2-based key exchange method, system, electronic equipment and storage medium Active CN111600704B (en)

Publications (2)

Publication Number Publication Date
CN111600704A CN111600704A (en) 2020-08-28
CN111600704B true CN111600704B (en) 2023-08-08

Family

ID=72191251

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 601, 6 / F, building 2, No. 18, Kechuang 11th Street, Daxing District, Beijing, 100176

Applicant after: Jingdong Technology Information Technology Co.,Ltd.

Applicant after: Jingdong Technology Holding Co.,Ltd.

Address before: 601, 6 / F, building 2, No. 18, Kechuang 11th Street, Daxing District, Beijing, 100176

Applicant before: Jingdong Shuke Haiyi Information Technology Co.,Ltd.

Applicant before: Jingdong Digital Technology Holding Co.,Ltd.

Address after: 601, 6 / F, building 2, No. 18, Kechuang 11th Street, Daxing District, Beijing, 100176

Applicant after: Jingdong Shuke Haiyi Information Technology Co.,Ltd.

Applicant after: Jingdong Digital Technology Holding Co.,Ltd.

Address before: 601, 6 / F, building 2, No. 18, Kechuang 11th Street, Beijing Economic and Technological Development Zone, Beijing 100176

Applicant before: BEIJING HAIYI TONGZHAN INFORMATION TECHNOLOGY Co.,Ltd.

Applicant before: JINGDONG DIGITAL TECHNOLOGY HOLDINGS Co.,Ltd.

GR01 Patent grant