CN111901111B - SM9 key generation method, device and system and readable storage medium - Google Patents
SM9 key generation method, device and system and readable storage medium Download PDFInfo
- Publication number
- CN111901111B CN111901111B CN202010784021.2A CN202010784021A CN111901111B CN 111901111 B CN111901111 B CN 111901111B CN 202010784021 A CN202010784021 A CN 202010784021A CN 111901111 B CN111901111 B CN 111901111B
- Authority
- CN
- China
- Prior art keywords
- private key
- random number
- sub
- key
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The present disclosure relates to an SM9 key generation method, apparatus, system, and readable storage medium. The SM9 key generation method comprises the following steps: according to the ID of the target user and the first master private key, the first random number and the second random number are used for carrying out interactive communication with a plurality of slave secret management centers so as to generate a first sub private key corresponding to the format of an SM9 algorithm; the secondary secret pipe center is a secret pipe center which performs interactive communication by utilizing the third random number and the fourth random number according to the second main private key; and sending the first sub private key to the target user so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center. As can be seen, the SM9 key generation method provided by the present disclosure ensures the security of the first master private key, and realizes that only the target user grasps the final private key. The SM9 key generation device, system and readable storage medium to which the SM9 key generation method is applied also have the same advantageous effects.
Description
Technical Field
The disclosure relates to the technical field of key generation, and in particular relates to an SM9 key generation method, device and system and a readable storage medium.
Background
In order to enable safe transmission of information, related technicians invent encryption and decryption technology, in a public key cryptosystem, public keys used for encryption are public, anyone can utilize the public keys to carry out encryption algorithm on data, and private keys corresponding to the public keys are adopted for decryption. Therefore, how to manage keys securely and efficiently is an important issue. In the related art of the existing SM9, the private keys of the users are generated by the main private key of the secret management center, the secret management center grasps the private keys of all the users in the system, and once the main private key is revealed, the private keys of all the users are revealed, so that the security risk is high.
Therefore, how to provide a solution to the above technical problem is a problem that a person skilled in the art needs to solve at present.
Disclosure of Invention
The purpose of the present disclosure is to provide an SM9 key generation method, an SM9 key generation device, an SM9 key generation system, and a computer readable storage medium, which adopt a plurality of secret management centers to generate corresponding sub-private keys through interactive communication and send the sub-private keys to a target user, so that the key is only mastered by the target user, and in the whole interactive process, the user does not need to participate in the interaction, only needs to passively accept the share of the private key, thereby improving the security of the private key.
According to a first aspect of an embodiment of the present disclosure, there is provided an SM9 key generation method, including:
according to the ID of the target user and the first master private key, the first random number and the second random number are used for carrying out interactive communication with a plurality of slave secret management centers so as to generate a first sub private key corresponding to the format of an SM9 algorithm; the secondary secret management center is a secret management center which performs the interactive communication by utilizing a third random number and a fourth random number according to a second main private key;
and sending the first sub private key to the target user so that the target user synthesizes a private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center.
Optionally, the interactive communication between the first random number and the second random number and the plurality of secondary crypto centers is performed according to the ID of the target user and the first master private key, so as to generate a first sub private key corresponding to the format of the SM9 algorithm, which includes:
according to the ID of the target user and the first main private key, a preset variable is marked as Hash (ID hi, N) +ks) by using a public key of a homomorphic encryption algorithm 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is the first master private key;
Obtaining a second ciphertext of each secondary password pipe center; the second ciphertext is obtained by encrypting the second master private key by the slave crypto center through the public key;
obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly, obtaining the second random ciphertext obtained by encrypting the fourth random number by using the public key and the third random number and the first ciphertext from the secret management center, and obtaining a second temporary variable;
decrypting each second temporary variable to obtain each first plaintext;
and obtaining the first sub private key by using the first plaintext, the first random number, the second random number and the first main private key based on the format of the SM9 algorithm.
Optionally, the homomorphic encryption algorithm is a palellier algorithm.
Optionally, the obtaining the first sub-private key by using the format based on the SM9 algorithm with the first plaintext, the first random number, the second random number, and the first main private key includes:
Calculating according to each first plaintext, each first random number, each second random number and the preset variable to obtain a first intermediate number;
obtaining a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number and the second master private key from the secondary secret pipe center; the second plaintext is obtained by decrypting the first temporary variable from the password center;
obtaining a third intermediate number according to the first intermediate number, the second intermediate number and the first random number, obtaining a fifth intermediate number by using the third intermediate number, the second ciphertext and a third random ciphertext obtained by using the public key for a fifth random number, and obtaining a sixth intermediate number from the center of the secret pipe, wherein the sixth intermediate number is data obtained by using a fourth intermediate number, a third ciphertext obtained by using the public key and the first master private key and transmitted by the center of the master secret pipe and a sixth random number by using the public key, and the fourth intermediate number is data obtained by using the first intermediate number, the second intermediate number and the third random number;
obtaining the first sub private key by using a third plaintext obtained by decrypting the sixth intermediate number, the third intermediate number, the fifth random number, the first main private key and a generator;
Correspondingly, the second sub private key is a sub private key obtained by the secondary secret management center according to the fourth intermediate number, a fourth plaintext obtained by decrypting the fifth intermediate number, the sixth random number, the second main private key and the generator.
Optionally, the preset variable is recorded as Hash (ID, N) +ks) by using the public key of the homomorphic encryption algorithm according to the ID of the target user and the first master private key 1 The encryption method comprises the following steps of:
judging whether the preset variable is equal to 0;
if the first private key is equal to 0, the first main private key is redetermined;
if not, executing the step of recording the preset variable as Hash (ID hi, N) +ks) according to the ID of the target user and the first main private key by using the public key of the homomorphic encryption algorithm 1 And encrypting to obtain a first ciphertext.
Optionally, after the interactive communication is performed with the plurality of secondary crypto centers by using the first random number and the second random number according to the ID of the target user and the first master private key to generate the first sub private key corresponding to the format of the SM9 algorithm, the method further includes:
judging whether the first sub private key corresponds to the format of the SM9 algorithm;
and if the first sub private key corresponds to the format of the SM9 algorithm, the first sub private key is sent to the target user.
According to a second aspect of the embodiments of the present disclosure, there is provided an SM9 key generation apparatus, the SM9 key generation apparatus including:
the first sub private key generation module is used for carrying out interactive communication with the plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first main private key so as to generate a first sub private key corresponding to the format of the SM9 algorithm; the secondary secret management center is a secret management center which performs the interactive communication by utilizing a third random number and a fourth random number according to a second main private key;
and the first sub private key sending module is used for sending the first sub private key to the target user so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys in the secondary secret management center.
Optionally, the first sub private key generating module includes:
a first ciphertext obtaining unit, configured to record a preset variable as Hash (ID, N) +ks) using a public key of a homomorphic encryption algorithm according to the ID of the target user and the first master private key 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is the first master private key;
the second ciphertext obtaining unit is used for obtaining the second ciphertext of each secondary ciphertext management center; the second ciphertext is obtained by encrypting the second master private key by the slave crypto center through the public key;
The temporary variable obtaining unit is used for obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly obtaining the second random ciphertext obtained by encrypting the fourth random number by using the public key according to the third random number, the first ciphertext and the first ciphertext from the center of the secret pipe, and obtaining a second temporary variable;
the decryption unit is used for decrypting each second temporary variable to obtain each first plaintext;
and the first sub private key generating unit is used for obtaining the first sub private key by using the first plaintext, the first random number, the second random number and the first main private key based on the format of the SM9 algorithm.
Optionally, the homomorphic encryption algorithm is a palellier algorithm.
Optionally, the first sub private key generating unit includes:
the first intermediate number obtaining subunit is configured to calculate according to each first plaintext, each first random number, each second random number, and the preset variable, to obtain a first intermediate number;
a second intermediate number obtaining subunit, configured to obtain a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number, and the second master private key from the secondary secret pipe center; the second plaintext is obtained by decrypting the first temporary variable from the password center;
A fifth intermediate number and a sixth intermediate number obtaining subunit, configured to obtain a third intermediate number according to the first intermediate number, the second intermediate number, and the first random number, obtain a fifth intermediate number according to the third intermediate number, the second ciphertext, and a third random ciphertext obtained from a fifth random number by using the public key, and obtain a sixth intermediate number from the center of the secret pipe, where the sixth intermediate number is data obtained from the sixth random number by using a third ciphertext obtained from the public key and the first master private key and sent from the center of the master secret pipe by using a fourth intermediate number, and the fourth intermediate number is data obtained from the third random number by using the public key, and the fourth intermediate number is data obtained from the first intermediate number, the second intermediate number, and the third random number;
and the first sub private key generation subunit is used for obtaining the first sub private key by using the third plaintext obtained by decrypting the sixth intermediate number, the third intermediate number, the fifth random number, the first main private key and the generator.
Optionally, the first sub private key generating module further includes:
a judging unit, configured to judge whether the preset variable is equal to 0;
the first execution unit is used for redefining the first main private key when the preset variable is equal to 0;
A second execution unit, configured to execute, when the preset variable is not equal to 0, the method according to the ID of the target user and the first primary private key, and record the preset variable as Hash (ID, N) +ks) by using the public key of the homomorphic encryption algorithm 1 And encrypting to obtain a first ciphertext.
Optionally, the SM9 key generation device further includes:
the judging module is used for judging whether the first sub private key corresponds to the format of the SM9 algorithm;
and the sending module is used for sending the first sub private key to the target user if the first sub private key accords with the format of the SM9 algorithm.
According to a third aspect of the embodiments of the present disclosure, there is provided an SM9 key generation system, including:
the master secret management center is used for carrying out interactive communication with the plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first master private key; transmitting the first sub private key to the target user;
the secondary secret management centers are used for carrying out interactive communication with other secret management centers except the current secondary secret management center by utilizing a third random number and a fourth random number according to a second main secret key, generating a current second sub-secret key, and sending the current second sub-secret key to the target user;
And the target user is used for generating a private key according to the received first sub private key and each second sub private key.
Optionally, the master dense pipe center and the plurality of slave dense pipe centers are disposed in different devices.
According to a fourth aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the SM9 key generation method as described above.
According to the technical scheme, the SM9 key generation method has the advantages that the master secret management center and the plurality of slave secret management centers are adopted for interactive communication, the first sub-private keys are generated and sent to the target user, so that the target user synthesizes the private keys according to the first sub-private keys and the plurality of second sub-private keys, only the target user can master the key, and the safety of the private keys is improved; in the interactive communication process of a plurality of secret management centers, the master secret management center performs information interaction with a plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first master private key, so that the safety of the first master private key is ensured, the fact that only the target user holds the final private key is realized, the user does not need to participate in interaction in the whole interaction process, only the share of the private key is required to be passively accepted, and the safety of the private key is improved. Furthermore, when the master secret pipe center and the plurality of slave secret pipe centers are in interactive communication, the first random number and the third random number are utilized to protect the first master private key of the master secret pipe center and the second master private key of the slave secret pipe center in the encryption process, and the second random number and the fourth random number protect the first random number and the third random number in the encryption process, so that the safety of the first master private key and the second master private key is improved in the interactive communication process, the first sub private key is finally sent to the target user, the target user synthesizes the private keys according to the first sub private key and the plurality of second sub private keys, only the target user can obtain the complete private keys, and the master secret pipe center and the slave secret pipe center can only master the own master private key, and the safety of the private keys is not influenced after the master private key is lost by the part of the secret pipe center. The present disclosure also provides an SM9 key generating device, an SM9 key generating system, and a computer readable storage medium, which have the same advantages and are not described herein.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the related art, the drawings that are required to be used in the embodiments or the related technical descriptions will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present disclosure, and other drawings may be obtained from the provided drawings without inventive effort to those of ordinary skill in the art.
Fig. 1 is a flowchart of an SM9 key generation method provided in an embodiment of the present disclosure;
fig. 2 is a flowchart of another SM9 key generation method provided by an embodiment of the present disclosure;
fig. 3 is a flowchart of another SM9 key generation method provided by an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of key generation according to an embodiment of the present disclosure;
fig. 5 is a flowchart of another SM9 key generation method provided by an embodiment of the present disclosure;
fig. 6 is a schematic diagram of an SM9 key generating apparatus according to an embodiment of the present disclosure;
fig. 7 is a schematic diagram of a first sub-private key generation module 610 provided in an embodiment of the present disclosure;
fig. 8 is a schematic diagram of an SM9 key generation system according to an embodiment of the present disclosure;
fig. 9 is a block diagram of an electronic device 900, according to an example embodiment.
Detailed Description
The core of the present disclosure is to provide a method, a device, a system and a computer readable storage medium for generating an SM9 key, which adopt a plurality of secret management centers to generate corresponding sub-private keys through interactive communication and send the sub-private keys to a target user, so that only the target user can master the key, and the security of the private key is improved.
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present disclosure more apparent, the technical solutions of the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present disclosure, and it is apparent that the described embodiments are some embodiments of the present disclosure, but not all embodiments. Based on the embodiments in this disclosure, all other embodiments that a person of ordinary skill in the art would obtain without making any inventive effort are within the scope of protection of this disclosure.
In order to solve the above technical problem, the disclosure provides an SM9 key generation method, referring specifically to fig. 1, fig. 1 is a flowchart of an SM9 key generation method provided by an embodiment of the disclosure, where the method includes:
s101, according to the ID of a target user and a first main private key, performing interactive communication with a plurality of secondary secret management centers by using a first random number and a second random number to generate a first sub private key corresponding to the format of an SM9 algorithm; the secondary secret pipe center is a secret pipe center which performs interactive communication by utilizing the third random number and the fourth random number according to the second main private key.
The present embodiments relate to a plurality of dense tube centers, including a master dense tube center and a plurality of slave dense tube centers. It can be understood that the main dense pipe center and the plurality of second dense pipes may be disposed in different devices, or may be disposed in the same device, where a certain number of dense pipe centers may be disposed in the same device, and other dense pipe centers may be disposed in different devices, so long as the user may set the dense pipe centers according to actual needs, and this embodiment is not limited any more as long as the purpose of the present disclosure can be satisfied.
The target user ID refers to the identity of the target user. The general SM9 algorithm is that the secret pipe center generates random numbers as a main private key ks, and then G is calculated 2 The element P= [ ks ]]P 2 As the master public key, the crypto center selects and discloses a one-byte-identified private key generation function identifier hid. Therefore, the present disclosure provides an SM9 key generation method according to an SM9 algorithm, which ensures the security of the key through the interactive communication between a plurality of secret management centers. It can be understood that, in the embodiment, the format of the SM9 algorithm is to be satisfied by the first sub-private key finally obtained by the interactive communication mode between the master crypto-tube center and the slave crypto-tube center. The security of the master private key, including the first master private key generated by the master secret pipe center and the second master private key generated by the slave secret pipe center is not obtained by other secret pipe centers, so that in the process of interaction between the master secret pipe center and the plurality of secret pipe centers, the master secret pipe center is adopted to carry out interactive communication with the plurality of slave secret pipe centers by using the first random number and the second random number in order to ensure the security of the first master private key and each second master private key, and the slave secret pipe center is the secret pipe center which carries out interactive communication by using the third random number and the fourth random number according to the second master private key; the first random number is used for protecting the first main private key, the third random number is used for protecting the second main private key, the second random number is used for protecting the first random number, the fourth random number is used for protecting the third random number, and leakage of the second main private key of the first main private key is avoided in the process. The most of the steps A first sub private key corresponding to the format of the SM9 algorithm is ultimately generated. The embodiment does not limit the interaction process, and the user can select according to actual requirements.
Taking the number of slave crypto centers as one example, the homomorphic encryption algorithm is an addition homomorphic encryption algorithm, the addition homomorphic encryption algorithm comprises an addition homomorphic encryption algorithm and a subtraction homomorphic encryption algorithm, when the homomorphic encryption algorithm is the addition homomorphic encryption algorithm in the addition homomorphic encryption algorithm, according to the ID of the target user and the first main private key, the public key of the addition homomorphic encryption algorithm is utilized to record a preset variable as Hash (ID, N) +ks) 1 Encryption is carried out to obtain a first ciphertext E (Hash (ID I hit, N) +ks) 1 ) The method comprises the steps of carrying out a first treatment on the surface of the Wherein ks is 1 Is a first master private key; obtaining a second ciphertext from the center of the secret pipe, denoted as E (ks) 2 ) The method comprises the steps of carrying out a first treatment on the surface of the Wherein the second ciphertext is a second master private key ks of the secondary secret management center by using the public key 2 Encrypting the obtained ciphertext; the first random number is marked as alpha 1 Second ciphertext E (ks) 2 ) Second random number beta using public key 1 First random ciphertext E (beta) obtained by encryption 1 ) Obtaining each first temporary variable, wherein the first temporary variable can be alpha 1 *E(ks 2 )+E(β 1 ) Of course, other random functions κ may be introduced 1 And encrypts it with public key to obtain E (kappa) 1 ) At this time, the first temporary variable is α 1 *E(ks 2 )+E(β 1 )+E(κ 1 ) Corresponding to and acquiring a third random number alpha from the center of the dense tube 2 First ciphertext E (Hash (ID hi, N) +ks) 1 ) Fourth random number beta using public key pair 2 Second random ciphertext E (β) obtained by encryption 2 ) Obtaining a second temporary variable corresponding to the first temporary variable, wherein the second temporary variable can be alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 2 ) Or alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 2 )+E(κ 2 ) The method comprises the steps of carrying out a first treatment on the surface of the Decrypting each second temporary variable to obtain each first plaintext alpha 2 *(Hash(ID||hid,N)+ks 1 )+β 2 Or alpha 2 *(Hash(ID||hid,N)+ks 1 )+β 2 +κ 2 The method comprises the steps of carrying out a first treatment on the surface of the The format based on the SM9 algorithm utilizes each first plaintext, the first random number, the second random number and the first main private key to obtain a first sub private key. The format of the private key synthesized by the main secret pipe center and the plurality of secret pipe centers accords with [ ks ] (Hash (ID||hide, N) +ks) -1 ]P 1 Where ks is the set of total primary private keys, when the primary private key at the center of the primary secret pipe is ks 1 The master private key of the slave secret center is ks 2 Then ks=ks 1 +ks 2 The method comprises the steps of carrying out a first treatment on the surface of the When the main private key of the main secret pipe center is ks1, the main private key of the auxiliary secret pipe center is ks 2 、ks 3 Then ks=ks 1 +ks 2 +ks 3 The method comprises the steps of carrying out a first treatment on the surface of the When the main private key of the main secret pipe center is ks 1 The master private key of the slave secret center is ks 2 、ks 3 、ks 4 Then ks=ks 1 +ks 2 +ks 3 +ks 4 。
When the homomorphic encryption algorithm is a subtractive homomorphic encryption algorithm in the additive homomorphic encryption algorithm, the subtractive homomorphic algorithm is utilized to perform the interaction processing between the master secret pipe center and the slave secret pipe center, and the specific processing process refers to the additive homomorphic algorithm, for example, when the public key of the subtractive homomorphic encryption algorithm is utilized to record a preset variable as Hash (ID, N) +ks) according to the ID of the target user and the first master private key 1 Encryption is carried out to obtain a first ciphertext E (Hash (ID I hit, N) +ks) 1 ) The method comprises the steps of carrying out a first treatment on the surface of the Wherein ks is 1 Is a first master private key; obtaining a second ciphertext from the center of the secret pipe, denoted as E (ks) 2 ) The method comprises the steps of carrying out a first treatment on the surface of the Wherein the second ciphertext is a second master private key ks of the secondary secret management center by using the public key 2 Encrypting the obtained ciphertext; the first random number is marked as alpha 1 Second ciphertext E (ks) 2 ) Second random number beta using public key 1 First random ciphertext E (beta) obtained by encryption 1 ) Obtaining each first temporary variable, wherein the first temporary variable can be alpha 1 *E(ks 2 )-E(β 1 ) Of course, other random functions κ may be introduced 1 And encrypts it with public key to obtain E (kappa) 1 ) At this time, the first temporary variable is α 1 *E(ks 2 )-E(β 1 )-E(κ 1 ) Corresponding to and acquiring from the center of the dense pipeAccording to a third random number alpha 2 First ciphertext E (Hash (ID hi, N) +ks) 1 ) Fourth random number beta using public key pair 2 Second random ciphertext E (β) obtained by encryption 2 ) Obtaining a second temporary variable corresponding to the first temporary variable, wherein the second temporary variable can be alpha 2 *E(Hash(ID||hid,N)+ks 1 )-E(β 2 ) Or alpha 2 *E(Hash(ID||hid,N)+ks 1 )-E(β 2 )-E(κ 2 ) The method comprises the steps of carrying out a first treatment on the surface of the Decrypting each second temporary variable to obtain each first plaintext alpha 2 *(Hash(ID||hid,N)+ks 1 )-β 2 Or alpha 2 *(Hash(ID||hid,N)+ks 1 )-β 2 -κ 2 . Of course, an isomorphic algorithm, for example, a Gentry algorithm, may be utilized, and a specific user may be set in a user-defined manner, so long as in the interactive communication process, the master secret pipe center and the slave secret pipe center perform interactive communication with a plurality of slave secret pipe centers by using a first random number and a second random number according to the ID of the target user and the first master secret key, so as to obtain corresponding sub secret keys, and formats of the private keys obtained by synthesizing the master secret pipe center and the plurality of slave secret pipe centers conform to the following formats:
[ks*(Hash(ID||hid,N)+ks) -1 ]P1。
S102, the first sub private key is sent to the target user, so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center.
The main secret management center sends the first sub-private key to the target user, and the plurality of secondary secret management centers send the corresponding second sub-private keys to the target user, at the moment, the target user obtains the corresponding sub-private keys sent by the secret management centers, and the target user synthesizes the sub-private keys to finally generate the private key.
Based on the above technical scheme, the SM9 key generation method provided by the embodiment adopts the interaction communication between the master secret management center and the plurality of slave secret management centers to generate the first sub-private key, and sends the first sub-private key to the target user, so that the target user synthesizes the private key according to the first sub-private key and the plurality of second sub-private keys, thereby realizing that only the target user grasps the key and improving the security of the private key; in the interactive communication process of a plurality of secret management centers, the master secret management center performs information interaction with a plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first master private key, so that the safety of the first master private key is ensured, the fact that only the target user holds the final private key is realized, the user does not need to participate in interaction in the whole interaction process, only the share of the private key is required to be passively accepted, and the safety of the private key is improved.
Based on the foregoing embodiments, the present embodiment provides an SM9 key generation method, which implements security of a private key by performing interaction between a specific master crypto center and a plurality of slave crypto centers, and referring specifically to fig. 2, fig. 2 is a flowchart of another SM9 key generation method provided by an embodiment of the present disclosure, and specifically includes:
s201, marking a preset variable as Hash (ID||hide, N) +ks) by utilizing a public key of a homomorphic encryption algorithm according to the ID of a target user and a first main private key 1 And encrypting to obtain a first ciphertext.
Wherein ks is 1 Is the first master private key. The center of the main secret pipe generates a random number as a first main private key ks 1 Simultaneous calculation of G 2 The element P= [ ks ]]P 2 As the master public key, the crypto center selects and discloses a one-byte-identified private key generation function identifier hid. The encryption algorithm result of the public key of the homomorphic encryption algorithm is represented by E (), wherein the first ciphertext may be E (Hash (ID hi, N) +ks) 1 ) Of course, a new parameter, such as a new random number, may be added on the basis of the above, as long as the purpose of the present embodiment is ensured.
Further, according to the ID of the target user and the first main private key ks 1 The public key of homomorphic encryption algorithm is used for marking preset variables as Hash (ID hi, N) +ks) 1 The encryption method comprises the following steps of: judging whether the preset variable is equal to 0 or not; if the first private key is equal to 0, the first main private key is redetermined; if not, executing the ID and the first main private key ks according to the target user 1 The public key of homomorphic encryption algorithm is used for marking preset variables as Hash (ID hi, N) +ks) 1 And encrypting to obtain a first ciphertext.
When the preset variable is 0, the first main private key is regenerated, and the first main public key is calculated and disclosed so as to ensure the generation accuracy of the first sub private key.
Further, the homomorphic encryption algorithm is a palilier algorithm, and of course, other addition homomorphic encryption algorithms are also possible, and it is noted that the addition homomorphic encryption algorithm is a generic term of an addition homomorphic encryption algorithm and a subtraction homomorphic encryption algorithm.
S202, obtaining a second ciphertext of each secondary password pipe center; the second ciphertext is obtained by encrypting the second master private key by using the public key from the password management center.
The second ciphertext is obtained by encrypting the second master private key by using the public key of the homomorphic encryption algorithm from the encryption management center. Notably, there is symmetry in the data interaction throughout the interaction of the master dense pipe center and the plurality of slave dense pipe centers. The homomorphic encryption algorithm is consistent with the homomorphic algorithm encryption of the main secret pipe center. The second ciphertext may be obtained corresponding to the first ciphertext in step S201 by obtaining E (ks) 2 ) Wherein ks is 2 Is the second master private key.
S203, obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly, obtaining a second random ciphertext obtained by encrypting the fourth random number by using the public key according to the third random number and the first ciphertext from the center of the secret pipe, and obtaining the second temporary variable.
The first random number is set to alpha 1 The second random number is set to beta 1 Protecting the second ciphertext to obtain alpha 1 *E(ks 2 )+E(β 1 ) The corresponding secondary cipher tube center protects the first cipher text to obtain alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 2 ) And the other secondary secret management centers protect the second ciphertext except the secondary secret management center according to the current secret management center protection method, so as to realize the final purpose of protecting the first main private key and each second main private key.
S204, decrypting each second temporary variable to obtain each first plaintext.
Correspondingly, pair ofDecrypting the second temporary variable to obtain a first plaintext alpha 1 *ks 2 +β 1 It can be known that the second primary private key in the first plaintext obtained by the primary crypto-tube center is protected by the first random number and the second random number.
S205, the format based on the SM9 algorithm utilizes the first plaintext, the first random number, the second random number and the first main private key to obtain a first sub private key.
At the moment, calculating is carried out according to the plaintext, the first random number, the second random number and the first main private key, and finally, the sub private key corresponding to the SM9 algorithm format is obtained. The above correspondence means that the formats of the main secret pipe center and the plurality of private keys synthesized from the secret pipe center conform to [ ks ] (Hash (ID, N) +ks) -1 ]P 1 . The specific calculation process is not limited any more, as long as the object of the present embodiment can be achieved.
S206, the first sub private key is sent to the target user, so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center.
It is noted that, in the above calculation process, the user may increase or decrease the parameters in the calculation process according to the actual needs to achieve the purpose of the disclosure, and the user may adjust the disclosure by himself, which is not limited any more.
Based on the above technical solution, in the SM9 key generation method provided in this embodiment, when the master center performs interactive communication with the plurality of slave centers, the first random number and the third random number are used to protect the first master private key of the master center and the second master private key of the slave center during the encryption process, and the second random number and the fourth random number protect the first random number and the third random number during the encryption process, so that the security of the first master private key and the second master private key is improved during the interactive communication process, the first sub private key is finally sent to the target user, and the target user synthesizes the private keys according to the first sub private key and the plurality of second sub private keys, so that only the target user can obtain the complete private key, and the master center and the slave center can only master the own master private key, thereby avoiding that the security of the private key is not affected after part of the master private key is lost.
Based on the foregoing embodiments, the present embodiment provides a method for generating an SM9 key, which implements security of a private key by performing interaction between a specific master crypto center and a plurality of slave crypto centers, and referring specifically to fig. 3, fig. 3 is a flowchart of another method for generating an SM9 key provided in an embodiment of the present disclosure, and specifically includes:
s301, marking a preset variable as Hash (ID||hide, N) +ks) by utilizing a public key of a homomorphic encryption algorithm according to the ID of a target user and a first main private key 1 And encrypting to obtain a first ciphertext.
Where ks1 is the first master private key.
S302, obtaining a second ciphertext of each secondary password center; the second ciphertext is obtained by encrypting the second master private key by using the public key from the password management center.
S303, obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly obtaining a second random ciphertext obtained by encrypting the fourth random number by using the public key according to the third random number and the first ciphertext from the center of the secret pipe, and obtaining the second temporary variable.
S304, decrypting each second temporary variable to obtain each first plaintext.
And S305, calculating according to each first plaintext, each first random number, each second random number and a preset variable to obtain a first intermediate number.
S306, obtaining a second intermediate number obtained by calculating a second plaintext, a third random number, a fourth random number and a second main private key from the center of the secret pipe; the second plaintext is obtained by decrypting the first temporary variable from the center of the cryptographic pipe.
S307, obtaining a third intermediate number according to the first intermediate number, the second intermediate number and the first random number, obtaining a fifth intermediate number by using the third intermediate number, the second ciphertext and the third random ciphertext obtained by using the public key to the fifth random number, and obtaining a sixth intermediate number from the center of the secret management.
The sixth intermediate number is data obtained by utilizing a fourth intermediate number, a third ciphertext obtained by utilizing a public key and a first main private key and obtained by utilizing a public key to a sixth random number, wherein the third intermediate number is data obtained according to the first intermediate number, the second intermediate number and the third random number.
S308, obtaining the first sub private key by using the third plaintext, the third intermediate number, the fifth random number, the first main private key and the generator obtained by decrypting the sixth intermediate number.
Correspondingly, the second sub private key is obtained by decrypting the fourth plaintext, the sixth random number, the second main private key and the generator element obtained from the center of the secret pipe according to the fourth intermediate number and the fifth intermediate number.
And S309, the first sub private key is sent to the target user, so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center.
The second sub private key is obtained from the secret management center according to a fourth plaintext, a fourth intermediate number, a sixth random number, a second main private key and a generator which are obtained by decrypting the fifth intermediate number.
Based on embodiment 3, the disclosure provides a specific SM9 key generation method, and when a secret management center is a secret management center, please refer to fig. 4, fig. 4 is a schematic diagram of key generation provided by an embodiment of the disclosure, which specifically includes:
e () is a public key algorithm of an addition homomorphic encryption algorithm, P1 is a generator, [ KS ] 1 ]P 1 +[KS 2 ]P 1 Recorded as ds, F as private key N Is a finite field containing N elements, N is a cyclic group G 1 、G 2 、G T Is the order of (1), where hids represents the identifier of the signature private key generation function, P 1 Is a representation group G 1 Is a generator of (1); user a is the target user.
KGC 1 Is the center of the main dense pipe, alpha 1 Is the first random number, beta 1 Is the second random number, ks 1 Hash (ID hi, N) +ks is the first child private key 1 For a preset variable, E (Hash (ID hi, N) +ks) 1 ) For the first ciphertext, E (beta) 1 ) Alpha is the first random ciphertext 1 *E(ks 2 )+E(β 1 ) As the first temporary variable, alpha 2 *(Hash(ID||hid,N)+ks 1 )+β 2 As the first plaintext, alpha 2 (Hash(ID||hid,N)+ks 1 )+β 2 +α 1 *(Hash(ID||hid,N)+ks 1 )-β 1 The first intermediate number is denoted as gamma 1 ,(γ 1 +γ 2 ) -1 *α 1 The third intermediate number is denoted as delta 1 ,ε 1 E (ε) is the fifth random number 1 ) Delta as the third random ciphertext 1 *E(ks 2 )+E(ε 1 ) A fifth intermediate number, delta 2 *ks 1 +ε 2 Is the third plaintext, P 1 *(δ 1 *ks 1 +δ 2 *ks 1 +ε 2 -ε 1 ) Record as [ KS ] for the first sub-private key 1 ]P 1 ;
KGC 2 To be from the center of the dense tube, alpha 2 Is the third random number, beta 2 Ks is a fourth random number 2 E (ks) is the second sub-private key 2 ) Is the second ciphertext, E (beta) 2 ) Is the second random ciphertext, alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 2 ) As the second temporary variable, alpha 1 *ks 2 +β 1 Is the second plaintext, alpha 1 *ks 2 +β 1 +α 2 *ks 2 -β 2 The second intermediate number is denoted as gamma 2 ,(γ 1 +γ 2 ) -1 *α 2 The fourth intermediate number is denoted as delta 2 ,ε 2 Sixth random number, delta 2 *E(ks 1 )+E(ε 2 ) For a sixth intermediate number, E (ks) 1 ) Is the third ciphertext, delta 1 *ks 2 +ε 1 For the fourth plain text, P 1 *(δ 1 *ks 2 +δ 2 *ks 2 +ε 1 -ε 2 ) Record as [ KS ] for the second sub-private key 2 ]P 1 。
S1、KGC 1 Randomly select alpha 1 ∈F N ,KGC 2 Randomly select alpha 2 ∈F N ;KGC 1 Hash (ID hid, N) +ks) pairs using public keys of an additive homomorphic encryption algorithm 1 Encryption to obtain E (Hash (ID) hi, N) +ks) 1 ) And will beWhich is sent to KGC 2 。KGC 2 Public key pair ks using additive homomorphic encryption algorithm 2 Encryption to obtain E (ks) 2 ) And send it to KGC 1 。
S2、KGC 1 Random selection of beta 1 ∈F N Will be alpha 1 *E(ks 2 )+E(β 1 ) Sent to KGC 2 ;
KGC 2 Random selection of beta 2 ∈F N Will be alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 2 ) Sent to KGC 1 。
S3、KGC 1 Decryption to obtain alpha 2 *(Hash(ID||hid,N)+ks 1 )+β 2 Calculate a first intermediate number gamma 1 I.e. alpha 2 (Hash(ID||hid,N)+ks 1 )+β 2 +α 1 *(Hash(ID||hid,N)+ks 1 )-β 1 And sending γ1 to KGC 2 ;
KGC 2 Decryption to obtain alpha 1 *ks 2 +β 1 Calculating a second intermediate number gamma 2 I.e. alpha 1 *ks 2 +β 1 +α 2 *ks 2 -β 2 And will be gamma 2 Sent to KGC 1 。
S4、KGC 1 Calculating delta 1 I.e. (gamma) 1 +γ 2 ) -1 *α 1 Randomly select epsilon 1 ∈F N And will delta 1 *E(ks 2 )+E(ε 1 ) And E (ks) 1 ) To KGC 2 ;
KGC 2 Calculating delta 2 I.e. (gamma) 1 +γ 2 ) -1 *α 2 Randomly select epsilon 2 ∈F N And will delta 2 *E(ks 1 )+E(ε 2 ) To KGC 1 。
S5、KGC 1 Calculating a first sub private key P 1 *(δ 1 *ks 1 +δ 2 *ks 1 +ε 2 -ε 1 ) And the first sub private key is [ KS ] 1 ]P 1 Sending to the user A;
KGC 2 calculating a second sub private key P 1 *(δ 1 *ks 2 +δ 2 *ks 2 +ε 1 -ε 2 ) And the second sub private key is [ KS ] 2 ]P 1 To user a.
S6, the user A obtains the private key ds of the user A, namely [ KS ] 1 ]P 1 +[KS 2 ]P 1 。
The SM9 key generation method can know that the private key of the target user is:
ds=[KS 1 ]P 1 +[KS 2 ]P 1 =[(ks 1 +ks 2 )(Hash(ID||hid,N)+ks 1 +ks 2 ) -1 ]P 1 ,
at this time, the public key is:
[ks 1 ]P 2 +[ks 2 ]P 2 =[(ks 1 +ks 2 )]P 2 ,
the private key is consistent with the SM9 standard signature. And the private key of the target user is only mastered by the private key of the target user, and the KGC is the center of the password management 1 And KGC 2 Only partial private keys are mastered, and the private keys of the users can be deduced by collusion of the two private keys. Therefore, the security of the user private key is improved.
Based on embodiment 3, the present disclosure provides another specific SM9 key generation method, when the plurality of slave crypto centers are two slave crypto centers, including:
main seal pipe center KGC 1 First secondary sealed tube center KGC 2 Second secondary dense tube center KGC 3 ;
E () is public key cryptographic algorithm of addition homomorphic cryptographic algorithm, P 1 To generate the element [ KS ] 1 ]P 1 +[KS 2 ]P 1 Recorded as ds, F as private key N Is a finite field containing N elements, N is a cyclic group G 1 、G 2 、G T Is the order of (1), where hids represents the identifier of the signature private key generation function, P 1 Is a representation group G 1 Is a generator of (1);
KGC 1 is the center of the main dense pipe, alpha 1 Is the first random number, beta 12 Is the first and second random numbers, beta 13 Is a second random number, ks 1 Hash (ID hi, N) +ks is the first child private key 1 For a preset variable, E (Hash (ID hi, N) +ks) 1 ) For the first ciphertext, E (beta) 12 ) For the first random ciphertext, E (beta 13 ) Alpha is the second first random ciphertext 1 *E(ks 2 )+E(β 12 ) Alpha is the first temporary variable 1 *E(ks 3 )+E(β 13 ) Alpha is the second first temporary variable 2 *(Hash(ID||hid,N)+ks 1 )+β 21 Alpha is the first plaintext 3 *(Hash(ID||hid,N)+ks 1 )+β 31 For the second first plaintext, α2 (Hash (ID hi, N) +ks) 1 )+β21+α3*(Hash(ID||hid,N)+ks 1 )-β31+α1*(Hash(ID||hid,N)+ks 1 )-β12-β13
The first intermediate number is marked as gamma 1 ,(γ 1 +γ 2 +γ 3 ) -1 *α 1 The third intermediate number is denoted as delta 1 ,ε 12 、ε 13 ∈F N E (ε) is the fifth random number 1 ) Delta as the third random ciphertext 1 *E(ks 2 )+E(ε 12 ) Delta as the first fifth intermediate number 1 *E(ks 3 )+E(ε 13 ) The second intermediate number is delta 2 *ks 1 +ε 21 For the first third plaintext, δ3×ks 1 +ε 31 For the second and third plain text, P 1 *(δ 1 *ks 1 -ε 12 -ε 13 +δ 2 *ks 1 +ε 21 +δ 3 *ks 1 +ε 31 ) Record as [ KS ] for the first sub-private key 1 ]P 1 ;
KGC 2 For the first secondary dense pipe center alpha 2 Is the third random number, beta 21 、β 23 ∈F N Ks is a fourth random number 2 E (ks) is the second sub-private key 2 ) Is the second ciphertext, E (beta) 21 )、E(β 23 ) Is the second random ciphertext, alpha 2 *E(Hash(ID||hid,N)+ks 1 )+E(β 21 )、α 2 *E(ks 3 )+E(β 23 ) As the second temporary variable, alpha 1 *ks 2 +β 12 、α 3 *ks 3 +β 23 Is the second plaintext, alpha 1 *ks 2 +β 12 +α 3 *ks 2 +β 32 +α 2 +ks 2 -β 21 -β 23 The second intermediate number is denoted as gamma 2 ,(γ 1 +γ 2 +γ 3 ) -1 *α 2 The fourth intermediate number is denoted as delta 2 ,ε 21 、ε 23 Sixth random number, delta 2 *E(ks 1 )+E(ε 21 )、δ 2 *E(ks 3 )+E(ε 23 ) For a sixth intermediate number, E (ks) 1 ) Is the third ciphertext, delta 1 *ks 2 +ε 12 、δ 3 *ks 2 +ε 32 For the fourth plain text, P 1 *(δ 2 *ks 2 -ε 21 -ε 23 +δ 1 *ks 2 +ε 12 +δ 3 *ks 2 +ε 32 ) Record as [ KS ] for the second sub-private key 2 ]P 1 ;
KGC 3 Is the center of the second secondary sealed tube. In order to ensure that the parameters are easy to understand, the parameters in the center of the second secondary secret pipe are not renamed, and the meaning represented by the letters is mainly used. Alpha 3 Is the third random number, beta 31 、β 32 ∈F N Ks is a fourth random number 3 E (ks) is the second sub-private key 3 ) Is the second ciphertext, E (beta) 31 )、E(β 32 ) Is the second random ciphertext, alpha 3 *E(Hash(ID||hid,N)+ks 1 )+E(β 31 )、α 3 *E(ks 2 )+E(β 32 ) As the second temporary variable, alpha 1 *ks 3 +β 13 、α 2 *ks 3 +β 23 Is the second plaintext, alpha 1 *ks 3 +β 13 +α 2 *ks 3 +β 23 +α 3 +ks 3 -β 31 -β 32 The second intermediate number is denoted as gamma 3 ,(γ 1 +γ 2 +γ 3 ) -1 *α 3 The fourth intermediate number is denoted as delta 3 ,ε 31 、ε 32 Sixth random number, delta 3 *E(ks 1 )+E(ε 31 )、δ 3 *E(ks 1 )+E(ε 31 ) For a sixth intermediate number, E (ks) 1 ) Is the third ciphertext, delta 1 *ks 3 +ε 13 、δ 2 *ks 3 +ε 23 For the fourth plain text, P 1 *(δ 3 *ks 3 -ε 31 -ε 32 +δ 1 *ks 3 +ε 13 +δ 2 *ks 3 +ε 23 ) Record as [ KS ] for the second sub-private key 3 ]P 1 。
S10、KGC 1 Randomly select alpha 1E F N ,KGC 2 Randomly select alpha 2 ∈F N ,KGC 3 Randomly select alpha 3 ∈F N ;
KGC 1 Hash (ID hid, N) +ks) pairs using public keys of an additive homomorphic encryption algorithm 1 Encryption to obtain E (Hash (ID) hi, N) +ks) 1 ) And send it to KGC 2 And KGC 3 ;
KGC 2 Public key pair ks using additive homomorphic encryption algorithm 2 Encryption to obtain E (ks) 2 ) And send it to KGC 1 And KGC 3 ;
KGC 3 Public key pair ks using additive homomorphic encryption algorithm 3 Encryption to obtain E (ks) 3 ) And send it to KGC 1 And KGC 2 。
S20、KGC 1 Random selection of beta 12 ,β 13 ∈F N Will be alpha 1 *E(ks 2 )+E(β 12 ) Sent to KGC 2 Will be alpha 1 *E(ks 3 )+E(β 13 ) Sent to KGC 3 ;
KGC 2 Random selection of beta 21 ,β 23 ∈F N Will be alpha 2 *E(Hash(ID)+ks 1 )+E(β 21 ) Sent to KGC 1 Will be alpha 2 *E(ks 3 )+E(β 23 ) Sent to KGC 3 ;
KGC 3 Random selection of beta 31 ,β 32 ∈F N Will be alpha 3 *E(Hash(ID||hid,N)+ks 1 )+E(β 31 ) Sent to KGC 1 Will be alpha 3 *E(ks 2 )+E(β 32 ) Sent to KGC 2 。
S30、KGC 1 Decryption to obtain alpha 2 *(Hash(ID||hid,N)+ks 1 )+β 21 And alpha 3 *(Hash(ID||hid,N)+ks 1 )+β 31 Calculate a first intermediate number gamma 1 I.e. alpha 2 (Hash(ID||hid,N)+ks 1 )+β 21 +α3*(Hash(ID||hid,N)+ks 1 )-β 31 +α 1 *(Hash(ID||hid,N)+ks 1 )-β 12 -β 13
And will be gamma 1 Sent to KGC 2 And KGC 3 ;
KGC 2 Decryption to obtain alpha 1 *ks 2 +β 12 And alpha 3 *ks 3 +β 23 Calculating a second intermediate number gamma 2 I.e. alpha 1 *ks 2 +β 12 +α 3 *ks 2 +β 32 +α 2 +ks 2 -β 2 1-β 23 And will be gamma 2 Sent to KGC 1 And KGC 3 ;
KGC 3 Decryption to obtain alpha 1 *ks 3 +β 13 And alpha 2 *ks 3 +β 23 Calculating a second intermediate number gamma 3 I.e. alpha 1 *ks 3 +β 13 +α 2 *ks 3 +β 23 +α 3 +ks 3 -β 31 -β 32 And will be gamma 3 Sent to KGC 1 And KGC 2 。
S40、KGC 1 Calculating delta 1 I.e. (gamma) 1 +γ 2 +γ 3 ) -1 *α 1 Randomly select epsilon 12 、ε 13 ∈F N And will delta 1 *E(ks 2 )+E(ε 12 ) And E (ks) 1 ) To KGC 2 The method comprises the steps of carrying out a first treatment on the surface of the Will delta 1 *E(ks 3 )+E(ε 13 ) And E (ks) 1 ) To KGC 3 ;
KGC 2 Calculating delta 2 I.e. (gamma) 1 +γ 2 +γ 3 ) -1 *α 2 Randomly select epsilon 21 、ε 23 ∈F N And will delta 2 *E(ks 1 )+E(ε 21 ) To KGC 1 The method comprises the steps of carrying out a first treatment on the surface of the Will delta 2 *E(ks 3 )+E(ε 23 ) To KGC 3 ;
KGC 3 Calculating delta 3 I.e. (gamma) 1 +γ 2 +γ 3 ) -1 *α 3 Randomly select epsilon 31 、ε 32 ∈F N And will delta 3 *E(ks 1 )+E(ε 31 ) To KGC 1 The method comprises the steps of carrying out a first treatment on the surface of the Will delta 3 *E(ks 1 )+E(ε 31 ) To KGC 2 。
S50、KGC 1 Calculating a first sub private key P 1 *(δ 1 *ks 1 -ε 12 -ε 13 +δ 2 *ks 1 +ε 21 +δ 3 *ks 1 +ε 31 ) And the first sub private key is [ KS ] 1 ]P 1 Sending the message to a target user;
KGC 2 calculating a second sub private key P 1 *(δ 2 *ks 2 -ε 21 -ε 23 +δ 1 *ks 2 +ε 12 +δ 3 *ks 2 +ε 32 ) And the first and second sub private keys are [ KS ] 2 ]P 1 Sending the message to a target user;
KGC 3 calculate a second sub private key P 1 *(δ 3 *ks 3 -ε 31 -ε 32 +δ 1 *ks 3 +ε 13 +δ 2 *ks 3 +ε 23 ) And the second sub private key is [ KS ] 3 ]P 1 And sending the message to the target user.
S60, the target user obtains the private key ds of the target user, namely [ KS ] 1 ]P 1 +[KS 2 ]P 1 +[KS 3 ]P 1 。
Therefore, according to the technical scheme provided by the embodiment, the sub private keys can be simultaneously provided by two or even a plurality of secret management centers to synthesize the private key conforming to the SM9 format, so that the security of each main private key is ensured, and the security of the private key is not affected even if part of the main private keys are lost.
Based on the foregoing embodiments, the present embodiment provides a SM9 key generation method, by determining whether the format of the first sub-private key meets the SM9 standard to ensure the correctness of the generated first sub-private key, referring specifically to fig. 5, fig. 5 is a flowchart of another SM9 key generation method provided by the embodiment of the present disclosure, including:
s501, according to the ID of a target user and a first main private key, performing interactive communication with a plurality of secondary secret management centers by using a first random number and a second random number to generate a first sub private key corresponding to the format of an SM9 algorithm; the secondary secret pipe center is a secret pipe center which performs interactive communication by utilizing the third random number and the fourth random number according to the second main private key.
S502, judging whether the first sub private key corresponds to the format of the SM9 algorithm.
And S503, if the first sub private key corresponds to the format of the SM9 algorithm, the first sub private key is sent to the target user, so that the target user synthesizes the private key according to the first sub private key and a plurality of second sub private keys from the secret management center.
After the first sub private key is generated, whether the format of the SM9 algorithm corresponds is verified to determine the correctness in the operation process, and it is noted that the correspondence here refers to that the first sub private key can be combined with a plurality of second sub private keys obtained from the crypto center to form a private key conforming to the SM9 format.
Based on the above technical scheme, the embodiment determines whether the first sub private key corresponds to the SM9 format after obtaining the first sub private key, thereby realizing the correctness of the verification generating process and improving the accuracy of key generation.
The following describes an SM9 key generating apparatus provided by an embodiment of the present disclosure, where the SM9 key generating apparatus described below and the SM9 key generating method described above may refer to each other correspondingly, and referring to fig. 6, fig. 6 is a schematic diagram of an SM9 key generating apparatus provided by an embodiment of the present disclosure, including:
the first sub private key generating module 610 is configured to interactively communicate with the plurality of slave crypto centers by using the first random number and the second random number according to the ID of the target user and the first master private key, so as to generate a first sub private key corresponding to the format of the SM9 algorithm; the secondary secret pipe center is a secret pipe center which performs interactive communication by utilizing the third random number and the fourth random number according to the second main private key;
the first sub-private key sending module 620 is configured to send the first sub-private key to the target user, so that the target user synthesizes the private key according to the first sub-private key and a plurality of second sub-private keys from the crypto center.
In some embodiments, referring specifically to fig. 7, fig. 7 is a schematic diagram of a first sub-private key generation module 610 provided in an embodiment of the disclosure, where the first sub-private key generation module 610 includes:
A first ciphertext obtaining unit 611, configured to record a preset variable as Hash (ID, N) +ks) by using a public key of an addition homomorphic encryption algorithm according to the ID of the target user and the first master private key 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is a first master private key;
a second ciphertext obtaining unit 612, configured to obtain second ciphertexts of the respective slave crypto centers; the second ciphertext is obtained by encrypting a second master private key by using a public key from a password management center;
a temporary variable obtaining unit 613, configured to obtain each first temporary variable according to a first random number, a second ciphertext, and a first random ciphertext obtained by encrypting the second random number with a public key, and obtain a second random ciphertext obtained by encrypting the fourth random number with a public key from a third random number, the first ciphertext, and the first random number in a secret pipe center, to obtain a second temporary variable;
a decryption unit 614, configured to decrypt each second temporary variable to obtain each first plaintext;
the first sub private key generating unit 615 is configured to obtain a first sub private key by using each of the first plaintext, the first random number, the second random number, and the first master private key based on a format of the SM9 algorithm.
In some embodiments, the first sub private key generation unit 615 includes:
The first intermediate number obtaining subunit is used for calculating according to each first plaintext, each first random number, each second random number and a preset variable to obtain a first intermediate number;
the second intermediate number obtaining subunit is used for obtaining a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number and the second main private key from the center of the secret pipe; the second plaintext is obtained by decrypting the first temporary variable from the center of the password pipe;
a fifth intermediate number and a sixth intermediate number obtaining subunit, configured to obtain a third intermediate number according to the first intermediate number, the second intermediate number, and the first random number, obtain a fifth intermediate number by using the third intermediate number, the second ciphertext, and the third random ciphertext obtained by using the public key to the fifth random number, and obtain a sixth intermediate number from the center of the secret pipe, where the sixth intermediate number is data obtained by using a fourth intermediate number, a third ciphertext obtained by using the public key and the first master private key and sent by the center of the master secret pipe, and a sixth random number obtained by using the public key, and the fourth intermediate number is data obtained by using the first intermediate number, the second intermediate number, and the third random number;
the first sub private key generation subunit is configured to obtain the first sub private key by using the third plaintext, the third intermediate number, the fifth random number, the first main private key, and the generator obtained by decrypting the sixth intermediate number.
In some embodiments, the first sub-private key generation module 610 further comprises:
a judging unit for judging whether the preset variable is equal to 0;
the first execution unit is used for determining the first main private key again when the preset variable is equal to 0;
a second execution unit, configured to execute, when the preset variable is not equal to 0, the method according to the ID of the target user and the first primary private key, and record the preset variable as Hash (ID, N) +ks) by using the public key of the addition homomorphic encryption algorithm 1 Encrypting to obtain a first secret.
In some embodiments, the SM9 key generation apparatus further comprises:
the judging module is used for judging whether the first sub private key corresponds to the format of the SM9 algorithm;
and the sending module is used for sending the first sub private key to the target user if the first sub private key corresponds to the format of the SM9 algorithm.
With respect to the SM9 key generating apparatus in the above-described embodiment, the specific manner in which the respective modules perform operations has been described in detail in the embodiment regarding the method, and will not be explained in detail here.
Referring to fig. 8, fig. 8 is a schematic diagram of an SM9 key generating system provided by an embodiment of the present disclosure, where the SM9 key generating system described below and the SM9 key generating method described above may be referred to correspondingly, and the SM9 key generating system includes:
The master crypto center 810 is configured to interactively communicate with the plurality of slave crypto centers using the first random number and the second random number according to the ID of the target user and the first master private key; transmitting the first sub private key to the target user;
the plurality of secondary secret pipe centers 820 are used for performing interactive communication with other secret pipe centers except the current secondary secret pipe center by utilizing the third random number and the fourth random number according to the second main private key, generating a current second sub private key and sending the current second sub private key to the target user;
the target user 830 is configured to generate a private key according to the received first sub-private key and each second sub-private key.
In some embodiments, the master dense pipe center and the plurality of slave dense pipe centers are disposed in different devices.
The specific manner in which the respective modules perform the operations in relation to the SM9 key generation system in the above-described embodiment has been described in detail in relation to the embodiment of the method, and will not be explained in detail here.
A computer-readable storage medium provided by embodiments of the present disclosure will be described below, and the computer-readable storage medium described below and the SM9 key generation method described above may be referred to correspondingly with each other.
A computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the SM9 key generation method as described above.
The following presents one of the embodiments of the present disclosure, and the SM9 key generation method described below and the SM9 key generation method described above may be referred to in correspondence with each other. Fig. 9 is a block diagram of an electronic device 900, according to an example embodiment. As shown in fig. 9, the electronic device 900 may include:
a processor 901 on which a computer program is stored;
a memory 902, a processor, for executing a computer program in the memory to implement the steps of the SM9 key generation method as described above.
The electronic device 900 may also include one or more of a multimedia component 903, an information input/information output (I/O) interface 904, and a communication component 905.
Wherein the processor 901 is configured to control the overall operation of the electronic device 900 to complete all or part of the steps in the system switching method applied in the above; the memory 902 is used to store various types of data to support operations at the electronic device 900, which may include, for example, instructions for any application or method operating on the electronic device 900, as well as application-related data, such as contact data, transceived messages, pictures, audio, video, and so forth. The Memory 902 may be implemented by any type or combination of volatile or nonvolatile Memory devices, such as static random access Memory (Static Random Access Memory, SRAM for short), electrically erasable programmable Read-Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM for short), erasable programmable Read-Only Memory (Erasable Programmable Read-Only Memory, EPROM for short), programmable Read-Only Memory (Programmable Read-Only Memory, PROM for short), read-Only Memory (ROM for short), magnetic Memory, flash Memory, magnetic disk, or optical disk.
The multimedia component 903 may include a screen and audio components. Wherein the screen may be, for example, a touch screen, the audio component being for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may be further stored in the memory 902 or transmitted through the communication component 905. The audio assembly further comprises at least one speaker for outputting audio signals. The I/O interface 904 provides an interface between the processor 901 and other interface modules, which may be a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 905 is used for wired or wireless communication between the electronic device 900 and other devices. Wireless communication, such as Wi-Fi, bluetooth, near field communication (Near Field Communication, NFC for short), 2G, 3G or 4G, or a combination of one or more thereof, the corresponding communication component 905 may thus comprise: wi-Fi module, bluetooth module, NFC module.
In an exemplary embodiment, 900 may be implemented by one or more application specific integrated circuits (Application Specific Integrated Circuit, abbreviated ASIC), digital signal processor (Digital Signal Processor, abbreviated DSP), digital signal processing device (Digital Signal Processing Device, abbreviated DSPD), programmable logic device (Programmable Logic Device, abbreviated PLD), field programmable gate array (Field Programmable Gate Array, abbreviated FPGA), controller, microcontroller, microprocessor, or other electronic component for performing the SM9 key generation method given above.
In another exemplary embodiment, a computer readable storage medium comprising program instructions which, when executed by a processor, implement the steps of the above-described data transmission method is also provided. For example, the computer readable storage medium may be the memory 702 storing the program instructions that are executable by the processor 701 of the electronic device 700 to perform the SM9 key generation method described above.
The preferred embodiments of the present disclosure have been described in detail above with reference to the accompanying drawings, but the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solutions of the present disclosure within the scope of the technical concept of the present disclosure, and all the simple modifications belong to the protection scope of the present disclosure.
In addition, the specific features described in the foregoing embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, the present disclosure does not further describe various possible combinations.
Moreover, any combination between the various embodiments of the present disclosure is possible as long as it does not depart from the spirit of the present disclosure, which should also be construed as the disclosure of the present disclosure.
Claims (8)
1. An SM9 key generation method, comprising:
according to the ID of the target user and the first master private key, the first random number and the second random number are used for carrying out interactive communication with a plurality of slave secret management centers so as to generate a first sub private key corresponding to the format of an SM9 algorithm; the secondary secret management center is a secret management center which performs the interactive communication by utilizing a third random number and a fourth random number according to a second main private key;
the first sub private key is sent to the target user, so that the target user synthesizes a private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center;
the interactive communication is performed with a plurality of secondary secret management centers by using a first random number and a second random number according to the ID of the target user and the first main private key, so as to generate a first sub private key corresponding to the format of an SM9 algorithm, which comprises the following steps:
according to the ID of the target user and the first main private key, a preset variable is marked as Hash (ID hi, N) +ks) by using a public key of a homomorphic encryption algorithm 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is the first master private key, N is the order of the cyclic group, and hid represents the identifier of the signature private key generation function;
Obtaining a second ciphertext of each secondary password pipe center; the second ciphertext is obtained by encrypting the second master private key by the slave crypto center through the public key;
obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly, obtaining the second random ciphertext obtained by encrypting the fourth random number by using the public key and the third random number and the first ciphertext from the secret management center, and obtaining a second temporary variable;
decrypting each second temporary variable to obtain each first plaintext;
obtaining the first sub-private key by using the first plaintext, the first random number, the second random number and the first main private key based on the format of the SM9 algorithm;
the SM9 algorithm-based format obtains the first sub-private key by using the first plaintext, the first random number, the second random number and the first main private key, and the method comprises the following steps:
calculating according to each first plaintext, each first random number, each second random number and the preset variable to obtain a first intermediate number;
Obtaining a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number and the second master private key from the secondary secret pipe center; the second plaintext is obtained by decrypting the first temporary variable from the password center;
obtaining a third intermediate number according to the first intermediate number, the second intermediate number and the first random number, obtaining a fifth intermediate number by using the third intermediate number, the second ciphertext and a third random ciphertext obtained by using the public key for a fifth random number, and obtaining a sixth intermediate number from the center of the secret pipe, wherein the sixth intermediate number is data obtained by using a fourth intermediate number, a third ciphertext obtained by using the public key and the first master private key and transmitted by the center of the master secret pipe and a sixth random number by using the public key, and the fourth intermediate number is data obtained by using the first intermediate number, the second intermediate number and the third random number;
obtaining the first sub private key by using a third plaintext obtained by decrypting the sixth intermediate number, the third intermediate number, the fifth random number, the first main private key and a generator;
Correspondingly, the second sub private key is a sub private key obtained by the secondary secret management center according to the fourth intermediate number, a fourth plaintext obtained by decrypting the fifth intermediate number, the sixth random number, the second main private key and the generator.
2. The SM9 key generation method of claim 1, wherein the homomorphic encryption algorithm is a palellier algorithm.
3. The SM9 key generation method as recited in claim 1, wherein the preset variable is referred to as Hash (ID hi, N) +ks) by a public key of a homomorphic encryption algorithm according to the ID of the target user and the first master private key 1 The encryption method comprises the following steps of:
judging whether the preset variable is equal to 0;
if the first private key is equal to 0, the first main private key is redetermined;
if not, executing the step of recording the preset variable as Hash (ID hi, N) +ks) according to the ID of the target user and the first main private key by using the public key of the homomorphic encryption algorithm 1 And encrypting to obtain a first ciphertext.
4. The SM9 key generation method of claim 1, wherein after interactively communicating with the plurality of secondary crypto centers using the first random number and the second random number according to the ID of the target user and the first master private key to generate the first sub private key corresponding to the format of the SM9 algorithm, further comprising:
Judging whether the first sub private key corresponds to the format of the SM9 algorithm;
and if the first sub private key corresponds to the format of the SM9 algorithm, the first sub private key is sent to the target user.
5. An SM9 key generation apparatus, comprising:
the first sub private key generation module is used for carrying out interactive communication with the plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first main private key so as to generate a first sub private key corresponding to the format of the SM9 algorithm; the secondary secret management center is a secret management center which performs the interactive communication by utilizing a third random number and a fourth random number according to a second main private key;
the first sub private key sending module is used for sending the first sub private key to the target user so that the target user synthesizes a private key according to the first sub private key and a plurality of second sub private keys of the secondary secret management center;
the first sub private key generation module includes:
the first ciphertext obtaining unit records a preset variable as Hash (ID||hide, N) +ks) by using a public key of a homomorphic encryption algorithm according to the ID of the target user and the first master private key 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is the first master private key, N is the order of the cyclic group, and hid represents the identifier of the signature private key generation function;
the second ciphertext acquisition unit is used for acquiring second ciphertext of each secondary password management center; the second ciphertext is obtained by encrypting a second master private key by using a public key from a password management center;
the temporary variable obtaining unit is used for obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly obtaining a second random ciphertext obtained by encrypting the fourth random number by using the public key according to the third random number and the first ciphertext from the center of the secret pipe, and obtaining a second temporary variable;
the decryption unit is used for decrypting each second temporary variable to obtain each first plaintext;
the first sub private key generation unit is used for obtaining a first sub private key by utilizing each first plaintext, each first random number, each second random number and each first main private key based on the format of an SM9 algorithm;
the first sub private key generation unit includes:
the first intermediate number obtaining subunit is used for calculating according to each first plaintext, each first random number, each second random number and a preset variable to obtain a first intermediate number;
The second intermediate number obtaining subunit is used for obtaining a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number and the second main private key from the center of the secret pipe; the second plaintext is obtained by decrypting the first temporary variable from the center of the password pipe;
a fifth intermediate number and a sixth intermediate number obtaining subunit, configured to obtain a third intermediate number according to the first intermediate number, the second intermediate number, and the first random number, obtain a fifth intermediate number by using the third intermediate number, the second ciphertext, and the third random ciphertext obtained by using the public key to the fifth random number, and obtain a sixth intermediate number from the center of the secret pipe, where the sixth intermediate number is data obtained by using a fourth intermediate number, a third ciphertext obtained by using the public key and the first master private key and sent by the center of the master secret pipe, and a sixth random number obtained by using the public key, and the fourth intermediate number is data obtained by using the first intermediate number, the second intermediate number, and the third random number;
the first sub private key generation subunit is configured to obtain the first sub private key by using the third plaintext, the third intermediate number, the fifth random number, the first main private key, and the generator obtained by decrypting the sixth intermediate number.
6. An SM9 key generation system, comprising:
The master secret management center is used for carrying out interactive communication with the plurality of slave secret management centers by utilizing the first random number and the second random number according to the ID of the target user and the first master private key; transmitting the first sub private key to the target user; the interactive communication is performed with a plurality of secondary secret management centers by using a first random number and a second random number according to the ID of the target user and the first main private key, so as to generate a first sub private key corresponding to the format of an SM9 algorithm, which comprises the following steps: according to the ID of the target user and the first main private key, a preset variable is marked as Hash (ID hi, N) +ks) by using a public key of a homomorphic encryption algorithm 1 Encrypting to obtain a first ciphertext; wherein ks is 1 Is the first master private key, N is the order of the cyclic group, and hid represents the identifier of the signature private key generation function; obtaining a second ciphertext of each secondary password pipe center; the second ciphertext is obtained by encrypting a second master private key by the slave crypto center through the public key; obtaining each first temporary variable according to the first random number, the second ciphertext and the first random ciphertext obtained by encrypting the second random number by using the public key, correspondingly, and obtaining the second random ciphertext obtained by encrypting the fourth random number by using the public key and the third random number from the center of the secret management; decrypting each second temporary variable to obtain each first plaintext; obtaining the first sub-private key by using the first plaintext, the first random number, the second random number and the first main private key based on the format of the SM9 algorithm; the SM9 algorithm-based format obtains the first sub-private key by using the first plaintext, the first random number, the second random number and the first main private key, and the method comprises the following steps: calculating according to each first plaintext, each first random number, each second random number and the preset variable to obtain a first intermediate number; obtaining a second intermediate number obtained by calculating the second plaintext, the third random number, the fourth random number and the second master private key from the secondary secret pipe center; the second plaintext is obtained by decrypting the first temporary variable from the password center; obtaining a third intermediate number according to the first intermediate number, the second intermediate number and the first random number, obtaining a fifth intermediate number by using the third intermediate number, the second ciphertext and a third random ciphertext obtained from a fifth random number by using the public key, and obtaining a sixth intermediate number from the center of the secret pipe, wherein the sixth intermediate number is data obtained from a sixth random number by using a third intermediate number, a third ciphertext obtained from the public key and the first master private key and transmitted from the center of the master secret pipe, and a fourth intermediate number by using the public key, and the fourth intermediate number is data obtained from the sixth random number by using the first intermediate number Obtaining data by the number, the second intermediate number and the third random number; obtaining the first sub private key by using a third plaintext obtained by decrypting the sixth intermediate number, the third intermediate number, the fifth random number, the first main private key and a generator; correspondingly, the second sub private key is a sub private key obtained by the secondary secret management center according to the fourth intermediate number, a fourth plaintext obtained by decrypting the fifth intermediate number, the sixth random number, the second main private key and the generator;
the secondary secret management centers are used for carrying out interactive communication with other secret management centers except the current secondary secret management center by utilizing a third random number and a fourth random number according to a second main secret key, generating a current second sub-secret key, and sending the current second sub-secret key to the target user;
and the target user is used for generating a private key according to the received first sub private key and each second sub private key.
7. The SM9 key generation system of claim 6, wherein the master crypto center and the plurality of slave crypto centers are disposed in different devices.
8. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which when executed by a processor realizes the steps of the SM9 key generation method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010784021.2A CN111901111B (en) | 2020-08-06 | 2020-08-06 | SM9 key generation method, device and system and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010784021.2A CN111901111B (en) | 2020-08-06 | 2020-08-06 | SM9 key generation method, device and system and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111901111A CN111901111A (en) | 2020-11-06 |
| CN111901111B true CN111901111B (en) | 2023-07-25 |
Family
ID=73246798
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010784021.2A Active CN111901111B (en) | 2020-08-06 | 2020-08-06 | SM9 key generation method, device and system and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111901111B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112906038B (en) * | 2021-03-26 | 2023-04-07 | 成都卫士通信息产业股份有限公司 | Thresholding processing method, device and equipment based on SM9 key and storage medium |
| CN112926075B (en) * | 2021-03-26 | 2023-01-24 | 成都卫士通信息产业股份有限公司 | SM9 key generation method, device, equipment and storage medium |
| CN113179158B (en) * | 2021-04-08 | 2022-05-17 | 支付宝(杭州)信息技术有限公司 | Multi-party combined data processing method and device for controlling bandwidth |
| CN113794693A (en) * | 2021-08-25 | 2021-12-14 | 浪潮云信息技术股份公司 | Distributed SM9 key secure distribution method for preventing server number expansion |
| CN114189338B (en) * | 2021-12-07 | 2023-12-19 | 浙江大学 | SM9 key secure distribution and management system and method based on homomorphic encryption technology |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110166239A (en) * | 2019-06-04 | 2019-08-23 | 成都卫士通信息产业股份有限公司 | Private key for user generation method, system, readable storage medium storing program for executing and electronic equipment |
| CN110855425A (en) * | 2019-10-25 | 2020-02-28 | 武汉大学 | Lightweight multiparty cooperative SM9 key generation and ciphertext decryption method and medium |
| CN111010276A (en) * | 2019-10-25 | 2020-04-14 | 武汉大学 | Multi-party combined SM9 key generation and ciphertext decryption method and medium |
| CN111030801A (en) * | 2019-10-25 | 2020-04-17 | 武汉大学 | Multi-party distributed SM9 key generation and ciphertext decryption method and medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9065637B2 (en) * | 2012-01-25 | 2015-06-23 | CertiVox Ltd. | System and method for securing private keys issued from distributed private key generator (D-PKG) nodes |
-
2020
- 2020-08-06 CN CN202010784021.2A patent/CN111901111B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110166239A (en) * | 2019-06-04 | 2019-08-23 | 成都卫士通信息产业股份有限公司 | Private key for user generation method, system, readable storage medium storing program for executing and electronic equipment |
| CN110855425A (en) * | 2019-10-25 | 2020-02-28 | 武汉大学 | Lightweight multiparty cooperative SM9 key generation and ciphertext decryption method and medium |
| CN111010276A (en) * | 2019-10-25 | 2020-04-14 | 武汉大学 | Multi-party combined SM9 key generation and ciphertext decryption method and medium |
| CN111030801A (en) * | 2019-10-25 | 2020-04-17 | 武汉大学 | Multi-party distributed SM9 key generation and ciphertext decryption method and medium |
Non-Patent Citations (2)
| Title |
|---|
| An efficient certificateless aggregate signature scheme for vehicular ad-hoc networks;Avleen Kaur Malhi;《Discrete Mathematics & Theoretical Computer Science》;20151231;全文 * |
| 一种关于SM9的安全密钥分发方案;许盛伟等;《计算机应用与软件》;20200112(第01期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111901111A (en) | 2020-11-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111901111B (en) | SM9 key generation method, device and system and readable storage medium | |
| CN107196763B (en) | SM2 algorithm collaborative signature and decryption method, device and system | |
| EP3779717A1 (en) | Multiparty secure computing method, device, and electronic device | |
| CN113259329B (en) | Method and device for data careless transmission, electronic equipment and storage medium | |
| JP4981072B2 (en) | Method and system for decryptable and searchable encryption | |
| CN111404952B (en) | Transformer substation data encryption transmission method and device, computer equipment and storage medium | |
| EP2996280A1 (en) | Public key encryption communication method and apparatus | |
| CN108183791B (en) | Intelligent terminal data security processing method and system applied to cloud environment | |
| Huang et al. | Constructing a Secure Point-to-Point Wireless Environment by Integrating Diffie-Hellman PKDS RSA and Stream Ciphering for Users Known to Each Other. | |
| CN110401524B (en) | Method and system for collaborative generation of secret-containing numbers by means of homomorphic encryption | |
| JP5171787B2 (en) | Sign-encryption system and sign-encryption generation method | |
| KR20010000738A (en) | Provably secure public key encryption scheme based on computational diffie-hellman assumption | |
| CN112861164B (en) | Encryption method, decryption method, data processing method, terminal and encryption machine | |
| JP2005176144A (en) | Terminal device, communication system and communication method | |
| JP3694242B2 (en) | Signed cryptographic communication method and apparatus | |
| CN109361506B (en) | Information processing method | |
| JP2004246350A (en) | Enciphering device, deciphering device, enciphering system equipped with the same, enciphering method, and deciphering method | |
| CN114362912A (en) | Identification password generation method based on distributed key center, electronic device and medium | |
| JP4856933B2 (en) | Signature device, verification device, decryption device, plaintext restoration device, information providing device, signature system, communication system, key generation device, and signature method | |
| JP2007053449A (en) | Decoder, encryption apparatus, communication system, and communication method | |
| KR102626974B1 (en) | Method and system for protecting secret key of white box cryptography | |
| JP4000900B2 (en) | Cryptographic method with authentication, decryption method with authentication, verification method and device, program, and computer-readable recording medium | |
| CN117294431A (en) | Key generation method, device, equipment and medium | |
| CN116248270A (en) | Plaintext encryption method, plaintext encryption device, electronic equipment and storage medium | |
| JP5689839B2 (en) | Public key encryption system, public key encryption method, receiving device, and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |