CN112235115B - Secret key protection method of cryptographic algorithm based on repudiation authentication relationship - Google Patents


Publication number
CN112235115B
Authority
CN
China
Prior art keywords
private key
key
cryptographic algorithm
protection
calculation
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011083060.6A
Other languages
Chinese (zh)
Other versions
CN112235115A (en)
Inventor
宋煜
郑艳斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Application filed by Individual
Priority to CN202011083060.6A
Publication of CN112235115A
Application granted
Publication of CN112235115B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10 Complex mathematical operations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention provides a method, implemented purely in software and based on the white-box cryptographic module assumption, for protecting the private key of a cryptographic algorithm. The method is centered on the user of the business data and, supported by the security of a server's private key, establishes a repudiation authentication relationship between the software cryptographic module and the legitimate user. It thereby guards against risks to the security of a mobile user's private key in cryptographic applications, including but not limited to: identifying or blocking enumeration attacks on the legitimate user's memorized features; countering identification capture, authentication capture and data capture; ensuring that a captured user cryptographic module provides no valuable information about other users; and retaining its security protection capability when any three of logic capture, identification capture, authentication capture and data capture occur simultaneously.

Description

Secret key protection method of cryptographic algorithm based on repudiation authentication relationship
Technical Field
The invention belongs to the technical field of key protection in cryptographic applications.
Background
Cryptography holds that the key is the basis of a cryptographic algorithm's security, and that keys are protected by a key-protection key stored securely inside a cryptographic module. Depending on its environment, a cryptographic module faces black-box, gray-box and white-box attacks. In black-box and gray-box attacks, the attacker can observe the module's inputs and outputs, such as plaintext, ciphertext and the cryptographic algorithm, but cannot obtain the module's internal execution logic, processes or key storage records. White-box attacks differ from these two in assuming that the attacker has full control over the cryptographic implementation and the platform it runs on; white-box protection seeks to use cryptographic techniques to prevent an attacker from extracting the algorithm's key information from the cryptographic components.
To solve the key protection problem in a white-box attack environment, existing methods mainly use obfuscation to disperse the key into several lookup tables or polynomial coefficient matrices, and rewrite the logic of the designated algorithm as lookups into the tables and matrices produced by that key dispersal. In practice, depending on the case, the lookup tables and polynomial matrices are distributed within a secure cryptographic system, and some schemes also need to bind the lookup table mathematically to the key user's identity authentication information and to characteristics of the operating device. Applying such schemes, particularly in open-code environments in the financial field, raises two kinds of cryptosystem problems: the distribution of lookup tables and polynomial matrices, and the audit of personalized code in an open-code environment:
The lookup table and polynomial matrix distribution problem. For example, in blockchain-based digital currency scenarios in the financial field there are many participants, so one of the main uses of the private keys of a public-key cryptographic algorithm is to establish effective identity identification and authentication information for access nodes (such as distributed ledger nodes and consensus nodes). The private keys and their counterparts (such as public keys) can be endorsed by a cryptographic infrastructure (SM2 and SM9 digital authentication centers), which avoids the key distribution problem before the cryptosystem goes into operation. But if lookup tables and polynomial matrices also have to be distributed reliably within the same cryptosystem, that too is in essence a key distribution challenge.
The open-code environment personalized code audit problem. The design of the Z cryptographic algorithm departs from the conventional cryptosystem of a common algorithm with different user keys: it establishes a mathematical relationship between the user key and personalized code, which improves the overall security of the cryptosystem in a white-box environment, so that user A's cryptographic device, once captured by an attacker, provides no valuable information about user B's cryptographic device. However, when the personalized algorithm bound to the user key has to be exposed in an open-code environment (for example, to audit by a foreign third-party application market), the configuration data of the Z algorithm also has to be distributed between consensus nodes and distributed ledger nodes. Beyond the case of protecting only a block cipher key, the secure distribution of the personalized code and configuration data then runs into problems similar to those of the black-box and gray-box cryptographic models, such as identification capture, the challenge problem, and data capture being equivalent to key capture, and the public-key cryptosystem support may not meet the application requirements of the security specification for financial distributed ledger technology (for example, configuration data is captured from communications during distribution, or a single captured consensus node is used to analyze the identity or authentication information of other nodes, so that an attacker who is not the authorized user obtains and runs the authorized user's personalized code).
In summary, Chow et al. proposed the white-box attack threat hypothesis, and the known attempts to overcome it emphasize risks such as capture of the cryptographic module's execution logic and tracing of a running cryptographic instance; these assumptions do not meet the needs of mobile application scenarios in most open-code environments. There are three main reasons:
First, currently known white-box cryptographic schemes cannot effectively address the application security threats that may arise when the cryptographic module's logic, the residual data in the module, the module user's identity identification and the module user's authentication information are captured by an attacker. Here, tracing (debugging) a running cryptographic instance is equivalent to the attacker simultaneously obtaining the module logic, the residual data in the module, the legitimate module user's identity and the corresponding authentication information.
Second, distributing lookup tables and polynomial matrices can to some extent overcome the risks of the module's execution logic being captured, but in large-scale deployments the risk of a specific key leaking is shifted onto the typical systematic key distribution problem.
Third, currently known white-box cryptographic schemes cannot effectively prevent an attacker from using a captured cryptographic module by stealing, tampering with or forging the legitimate user's biometric features, memorized information and the like.
Disclosure of Invention
The invention aims to provide a key protection method for cryptographic algorithms implemented purely in software, thereby providing a white-box cryptographic module scheme with high security, high flexibility and low application cost for mobile application scenarios in an open-code environment.
The cryptographic algorithm private key protection method based on the repudiation authentication relationship comprises: a repudiation authentication method for the asymmetric cryptographic algorithm (SM2), a method for associating a private key with its private key protection key, a method for locking the private key protection key to identity identification and authentication, and a method for blocking identity authentication enumeration attacks.
The SM2 repudiation authentication method gives a new mathematical relationship between the issuer of a cryptographic algorithm calculation task and the executor that directly performs the cryptographic algorithm calculation using the private key.
The private key and private key protection key association method establishes a non-inferable mathematical relationship between the protected private key and the private key protection key.
The method for locking the private key protection key to identity identification extracts the private key protection key from the mathematical relationship between the private key and the private key protection key by using the identity identification and authentication information.
The method for blocking identity authentication enumeration attacks identifies and blocks enumeration attempts against the identity identification and authentication information.
According to the SM2 repudiation authentication method: in the SM2 digital signature technique, the signature private key d, the signature value (r, s) and the random number k of the signing calculation satisfy the mathematical relationship of Formula 1. Here d is a random number negotiated between the issuer of the cryptographic algorithm calculation task and the executor that directly performs the cryptographic algorithm calculation using the private key. It can therefore be confirmed that the digital signature quadruple (ZA, M, r, s) truly represents the intention M of the issuer of the cryptographic algorithm calculation task, but this cannot be verified to any third party.
Figure GDA0003847847380000031
The "issuer of a cryptographic algorithm calculation task" includes: personnel using the cryptographic module, application software that calls the cryptographic module, service software that calls the cryptographic module, and program components that call the cryptographic module.
The "executor that directly performs cryptographic algorithm calculation using a private key" includes: cryptographic algorithm execution programs, cryptographic algorithm program components, software cryptographic modules, cryptographic chips, cryptographic modules, card-type cryptographic machines and server cryptographic machines.
Negotiated random numbers include, but are not limited to: random numbers negotiated using the RSA algorithm, random numbers negotiated using the SM2 algorithm, random numbers negotiated using the DH method, random numbers negotiated using Chebyshev polynomials, etc.
According to the private key and private key protection key association method: in the SM2 digital signature technique, the base point G, the signature private key d, the signature value (r, s), the random number k of the signing calculation, the signer identity identifier ZA and the message M to be signed satisfy the mathematical relationship of Formula 2. Any private key and its protection key are assigned to (k, d), and the signature value (r, s) equivalently expresses the mathematical relationship between them. Combined with the (ZA, M) used in calculating (r, s), the quadruple (ZA, M, r, s) equivalently expresses the private key and its protection key, that is, the values of (k, d).
Figure GDA0003847847380000032
The method for locking the private key protection key to identity identification uses a lock calculation function. Based on the SM2 digital signature technique, let $d_a$ denote the private key and $k_a$ denote the protection key of an arbitrary private key, and let (ZA, M) be the identifier with which the legitimate user of $d_a$ authorizes the establishment of the key protection relationship. Formula 3 is computed, and the triple $(r_a, s_a, kw_a)$ equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$, where $kw_a$ is the value of the lock calculation function. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, it is computed by Formula 4.
Figure GDA0003847847380000041
Figure GDA0003847847380000042
The lock calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $f(k_a, e_a, r_a, s_a)$ and $f^{-1}(kw_a, e_a, r_a, s_a)$ are operations invertible in polynomial time, including but not limited to:
Figure GDA0003847847380000043
Figure GDA0003847847380000044
Figure GDA0003847847380000045
$f(k_a, e_a, r_a, s_a) = k_a \cdot r_a \cdot \mathrm{sm3}(e_a) \bmod n$, and the like.
In the method for blocking identity authentication enumeration attacks, a support server is added between the issuer of the cryptographic algorithm calculation task and the executor that directly performs the cryptographic algorithm calculation using the private key, establishing the cooperative relationship shown in FIG. 3. After the executor has computed Formula 3 and entered the locked state, let $d_s$ denote the private key of the support server and $(PS_x, PS_y)$ the public key corresponding to $d_s$. Formula 5 is computed, and the five-tuple $(W, r_b, s_b, r_a, s_a)$ equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$. When the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, Formula 6 is solved with the assistance of the support server, and then Formula 4.
Figure GDA0003847847380000046
$kw_a \equiv (s_b + r_b)^{-1} \cdot (k_b - s_b) \bmod n$ (Formula 6)
The five-tuple $(W, r_b, s_b, r_a, s_a)$ is characterized in that seven values from different sources, $(px, py, k_b, r_b, s_b, r_a, s_a)$, are preserved at the same time, of which at least the three items $(px, py, k_b)$ are protected by the private key of the support server. Calculations of W include $W = \mathrm{Sm2\_encrpt}(key = (PS_x, PS_y),\ msg = px \| py \| k_b)$ and $W = \mathrm{Sm2\_encrpt}(key = (PS_x, PS_y),\ msg = px \| py \| k_b \| r_b \| s_b)$.
The enhanced lock calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $fz(e_a, M, r_a, s_a)$ is any operation that is not invertible in polynomial time, including: $fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M \| r_a \| s_a)$,
Figure GDA0003847847380000051
$fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M)$,
Figure GDA0003847847380000052
Drawings
FIG. 1 is a block diagram of a cryptographic module application framework according to an embodiment of the present invention;
FIG. 2 is a flowchart of the working process of "locking the private key protection key to identity authentication", abbreviated as "local lock", provided in an embodiment of the present invention;
FIG. 3 is a flowchart of the working process of "blocking identity authentication enumeration attacks", abbreviated as "network enhanced lock", provided in an embodiment of the present invention;
Detailed Description
Specific embodiment: first, referring to FIG. 1, the repudiation authentication relationship described above is established among the "issuer of the cryptographic algorithm calculation task", the "executor that directly performs the cryptographic algorithm calculation using the private key", and the "support server" that holds a specific private key.
According to the private key and private key protection key association method, a random number is selected as the protection key for any private key to be protected, and the quadruple (ZA, M, r, s) equivalently expresses the private key and its protection key, that is, the values of (k, d).
Referring to FIG. 2, the method for locking the private key protection key to identity authentication uses the triple $(r_a, s_a, kw_a)$ to equivalently express the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$. When the legitimate user needs to use $d_a$, Formula 4 is computed from the input (ZA, M).
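An added example (not code from the patent) of the local lock just described: it stores the triple $(r_a, s_a, kw_a)$ and recovers $(k_a, d_a)$ from (ZA, M). Formulas 3 and 4 are not legible on this page, so the sketch assumes $kw_a = f(k_a, e_a, r_a, s_a)$ with the listed $f = k_a \cdot r_a \cdot \mathrm{sm3}(e_a) \bmod n$, $e_a = H(ZA \| M)$, and derives $d_a$ from the standard SM2 signing equation, which has the same shape as Formula 6; SHA-256 stands in for SM3, and all function names and sample inputs are constructed.

```python
import hashlib
import secrets

# SM2 recommended curve: y^2 = x^3 + A*x + B over GF(P); base point G has prime order N.
P = 2**256 - 2**224 - 2**96 + 2**64 - 1
A = P - 3
B = int("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", 16)
N = int("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", 16)
G = (int("32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", 16),
     int("BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", 16))


def point_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k, point):
    """Double-and-add; not constant time, for illustration only."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def h_int(data: bytes) -> int:
    """Hash to an integer. SHA-256 is a stand-in for SM3 (assumption of this example)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sm2_sign(d, k, e):
    """SM2 signing equations with an explicit nonce k; returns (r, s)."""
    x1, _ = scalar_mult(k, G)
    r = (e + x1) % N
    s = pow(1 + d, -1, N) * (k - r * d) % N
    if r == 0 or (r + k) % N == 0 or s == 0 or (r + s) % N == 0:
        raise ValueError("degenerate nonce, pick another k")
    return r, s


def sm2_verify(pub, e, r, s):
    """SM2 verification equation: accept iff (e + x([s]G + [r+s]pub)) mod n == r."""
    t = (r + s) % N
    if not (0 < r < N and 0 < s < N) or t == 0:
        return False
    pt = point_add(scalar_mult(s, G), scalar_mult(t, pub))
    return pt is not None and (e + pt[0]) % N == r


def recover_d(r, s, k):
    """Solve s = (1+d)^-1 (k - r*d) for d: d = (s+r)^-1 (k - s) mod n."""
    return pow((s + r) % N, -1, N) * (k - s) % N


def mask(e, r):
    """r * H(e) mod n, the factor in the page's f(k,e,r,s) = k*r*sm3(e) mod n."""
    return r * h_int(e.to_bytes(32, "big")) % N


def lock(d, za: bytes, m: bytes):
    """Local lock (assumed form of Formula 3): express (k, d) as the triple (r, s, kw)."""
    e = h_int(za + m)
    while True:
        k = secrets.randbelow(N - 1) + 1      # protection key k in [1, n-1]
        try:
            r, s = sm2_sign(d, k, e)
        except ValueError:
            continue
        f = mask(e, r)
        if f:                                 # f must be invertible mod n
            return r, s, k * f % N


def unlock(r, s, kw, za: bytes, m: bytes):
    """Assumed form of Formula 4: recompute e from (ZA, M), invert f, derive d."""
    e = h_int(za + m)
    k = kw * pow(mask(e, r), -1, N) % N
    return k, recover_d(r, s, k)


def demo():
    d = secrets.randbelow(N - 2) + 1          # private key in [1, n-2]
    za, m = b"constructed-user-id", b"constructed-auth-info"
    r, s, kw = lock(d, za, m)
    is_signature = sm2_verify(scalar_mult(d, G), h_int(za + m), r, s)
    _, d_good = unlock(r, s, kw, za, m)
    _, d_bad = unlock(r, s, kw, za, b"wrong-auth-info")  # different e, different d
    return is_signature, d_good == d, d_bad == d


if __name__ == "__main__":
    print(demo())
```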
Finally, referring to FIG. 3, according to the method for blocking identity authentication enumeration attacks, Formula 5 is computed with the public key of the "support server", and the five-tuple $(W, r_b, s_b, r_a, s_a)$ equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$. When the legitimate user needs to use $d_a$, the input (ZA, M) is used to compute Formula 6 with the assistance of the support server's private key, and then Formula 4.
With the invention, a cryptographic module in pure software form is constructed that conceals and protects the key through the "local lock" working process (locking the private key protection key to identity identification), and the following can be proven: ZA‖M is not subject to enumeration attack, and the minimum cost of inferring the key protection key from the residual information $(r_a, s_a, kw_a)$ is equivalent to inferring the signature private key from an SM2 signature file.
With ZA‖M unchanged, different numbers of local-lock hidden states of the cryptographic module can be used to protect keys.
With the key protection key unchanged, the minimum cost of inferring ZA‖M from multiple pieces of residual information is equivalent to enumerating ZA‖M from a single piece of residual information.
With the invention, a cryptographic module in pure software form is constructed, and it can be proven that the "network enhanced lock" working process described in [0029], [0033] conceals and protects the key:
After the network enhanced lock operation, the state five-tuples generated for the key protection key, the signature private key, the encryption private key, the symmetric key and the random numbers are mutually independent, with no mathematical relationship in their generation and selection.
From the residual programs and data of the "issuer of the cryptographic algorithm calculation task" plus the client (including the information in the software module and the ZA‖M value memorized by the client), the minimum cost of inferring the key protection key is equivalent to inferring the support server's SM2 private key $d_s$ from W.
From the residual information of the "support server", the minimum cost of inferring the key protection key $d_a$ is equivalent to inferring the SM2 private key $kw_a$ from (px, py).
From the residual programs and data of the "issuer of the cryptographic algorithm calculation task" plus the client plus the "support server" (including the ZA‖M value memorized by the client, the support server's inputs and outputs, and the support server's private key), the minimum cost of inferring the key protection key is equivalent to performing arithmetic division on SM2 elliptic curve points to obtain $k_a$ or $d_a$.
From the residual programs and data of the "issuer of the cryptographic algorithm calculation task" plus the client plus the "support server" (including the information in the software module, the ZA‖M value memorized by the client, and the support server's inputs and outputs, but not the support server's private key), the minimum cost of inferring the key protection key is equivalent to performing arithmetic division on SM2 elliptic curve points, or to obtaining the support server's SM2 private key $d_s$ under known-plaintext conditions.

Claims (1)

1. A method characterized in that the private key value of a cryptographic algorithm is protected by constructing four methods, namely a repudiation authentication method for the asymmetric cryptographic algorithm (SM2), a method for associating a private key with its private key protection key, a method for locking the private key protection key to identity identification, and a method for blocking identity identification enumeration attacks, together with the method of storing the protection file in the process of blocking identity identification enumeration attacks;
wherein: the repudiation authentication method of the asymmetric cryptographic algorithm (SM2) gives a new mathematical relationship between the "issuer of a cryptographic algorithm calculation task" and the "executor that directly performs cryptographic algorithm calculation using a private key"; in the SM2 digital signature technique, the signature private key d, the signature value (r, s) and the random number k of the signing calculation satisfy the mathematical relationship of Formula 1, where d is a random number negotiated between the issuer of the cryptographic algorithm calculation task and the executor that directly performs the cryptographic algorithm calculation using the private key; on this basis the executor can confirm that the digital signature quadruple (ZA, M, r, s) truly represents the intention M of the issuer of the cryptographic algorithm calculation task, and this cannot be confirmed to any third party;
Figure QLYQS_1
the "issuer of a cryptographic algorithm calculation task" includes: personnel using the cryptographic module, application software that calls the cryptographic module, service software that calls the cryptographic module, and program components that call the cryptographic module;
the "executor that directly performs cryptographic algorithm calculation using a private key" includes: cryptographic algorithm execution programs, cryptographic algorithm program components, software cryptographic modules, cryptographic chips, cryptographic modules, card-type cryptographic machines and server cryptographic machines;
negotiated random numbers include: random numbers negotiated using the RSA algorithm, random numbers negotiated using the SM2 algorithm, random numbers negotiated using the DH method, and random numbers negotiated using Chebyshev polynomials;
wherein: the private key and private key protection key association method establishes a non-inferable mathematical relationship between the protected private key and the private key protection key; in the SM2 digital signature technique, the base point G, the signature private key d, the signature value (r, s), the random number k of the signing calculation, the signer identity identifier ZA and the message M to be signed satisfy the mathematical relationship of Formula 2; on this basis any private key and its protection key are assigned to (k, d), and the signature value (r, s) equivalently expresses the mathematical relationship between them; combined with the (ZA, M) used in calculating (r, s), the quadruple (ZA, M, r, s) equivalently expresses the private key and its protection key, that is, the values of (k, d);
Figure QLYQS_2
wherein: the method for locking the private key protection key to identity identification extracts the private key protection key from the mathematical relationship between the private key and the private key protection key by using the identity identification and authentication information; using a lock calculation function and based on the SM2 digital signature technique, let $d_a$ denote the private key and $k_a$ denote the protection key of an arbitrary private key, and let (ZA, M) be the identifier with which the legitimate user of $d_a$ authorizes the establishment of the key protection relationship; Formula 3 is solved, and the triple $(r_a, s_a, kw_a)$ equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$, where $kw_a$ is the value of the lock calculation function; when the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, it is calculated according to Formula 4;
Figure QLYQS_3
Figure QLYQS_4
the lock calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $f(k_a, e_a, r_a, s_a)$ and $f^{-1}(kw_a, e_a, r_a, s_a)$ are operations invertible in polynomial time, including but not limited to:
Figure QLYQS_5
Figure QLYQS_6
Figure QLYQS_7
$f(k_a, e_a, r_a, s_a) = k_a \cdot r_a \cdot \mathrm{sm3}(e_a) \bmod n$
wherein: the method for blocking identity authentication enumeration attacks identifies and blocks enumeration attempts against the identity identification and authentication information; a support server is added between the issuer of the cryptographic algorithm calculation task and the executor that directly performs the cryptographic algorithm calculation using the private key, establishing a cooperative relationship; after the executor has computed Formula 3 and entered the locked state, let $d_s$ denote the private key of the support server and $(PS_x, PS_y)$ the public key corresponding to $d_s$; Formula 5 is solved using the enhanced lock calculation function, and the five-tuple $(W, r_b, s_b, r_a, s_a)$ equivalently expresses the key information (ZA, M) of the legitimate user of $d_a$ and the values of $(k_a, d_a)$; when the legitimate user of $d_a$ needs the key information $(k_a, d_a)$, Formula 6 is solved with the assistance of the support server, and then Formula 4 is solved;
Figure QLYQS_8
$kw_a \equiv (s_b + r_b)^{-1} \cdot (k_b - s_b) \bmod n$ (Formula 6)
According to the calculation process shown in Formulas 1 to 6, the storage protection file formed by the five-tuple $(W, r_b, s_b, r_a, s_a)$ equivalently expresses the private key value $d_a$ of the cryptographic algorithm, the key information (ZA, M) of the legitimate user of $d_a$, and the repudiation authentication relationship $(k_a, d_a)$; seven values from different sources, $(px, py, k_b, r_b, s_b, r_a, s_a)$, are preserved at the same time, of which at least the three items $(px, py, k_b)$ are protected by the private key of the support server, and the calculation of W includes, but is not limited to, $W = \mathrm{Sm2\_encrpt}(key = (PS_x, PS_y),\ msg = px \| py \| k_b)$ and $W = \mathrm{Sm2\_encrpt}(key = (PS_x, PS_y),\ msg = px \| py \| k_b \| r_b \| s_b)$;
the enhanced lock calculation function is characterized in that, once $(r_a, s_a, e_a)$ are determined, $fz(e_a, M, r_a, s_a)$ is any operation that is not invertible in polynomial time, including but not limited to: $fz(e_a, M, r_a, s_a) = \mathrm{sm3}(e_a \| M \| r_a \| s_a)$,
Figure QLYQS_9
fz(e_a, M, r_a, s_a) = sm3(e_a||M),
Figure QLYQS_10
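Formula 6 has the same shape as the standard SM2 signing equation solved for the private scalar when the nonce is known. The following added example (not part of the patent text) assumes that (r_b, s_b) were produced by that equation with nonce k_b; the function names and sample scalars are constructed for illustration.

```python
# Added illustration of formula 6; not code from the patent.
# Assumption: (r_b, s_b) satisfy the standard SM2 signing equation
#     s = (1 + d)^-1 * (k - r*d) mod n
# for nonce k = k_b and private scalar d (the value formula 6 calls kw_a).

# Group order n of the SM2 recommended curve.
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123

# Constructed sample scalars (not real keys). R_B stands in for
# (e + x1) mod n; the algebra below holds for any r accepted by SM2.
D = int("11" * 32, 16)
K_B = int("22" * 32, 16)
R_B = int("33" * 32, 16)


def sm2_s_component(d, k, r, n=N):
    """Return s for private scalar d, nonce k and first half r."""
    if not (1 <= d <= n - 2 and 1 <= k <= n - 1):
        raise ValueError("scalar out of range")
    if r % n == 0 or (r + k) % n == 0:
        raise ValueError("SM2 rejects this (r, k); a new nonce is needed")
    s = pow(1 + d, -1, n) * (k - r * d) % n
    if s == 0:
        raise ValueError("SM2 rejects s = 0; a new nonce is needed")
    return s


def formula6(r_b, s_b, k_b, n=N):
    """kw_a = (s_b + r_b)^-1 * (k_b - s_b) mod n."""
    t = (s_b + r_b) % n
    if t == 0:
        # s + r = (1 + d)^-1 * (k + r), so this only happens for a
        # malformed file: valid SM2 signing never emits r + k = n.
        raise ValueError("s_b + r_b is not invertible mod n")
    return pow(t, -1, n) * (k_b - s_b) % n


def demo():
    s_b = sm2_s_component(D, K_B, R_B)
    with_nonce = formula6(R_B, s_b, K_B)       # k_b as decrypted from W
    wrong_nonce = formula6(R_B, s_b, K_B + 1)  # any other k_b
    return with_nonce, wrong_nonce


if __name__ == "__main__":
    good, bad = demo()
    print("recovered == D:", good == D, "| wrong nonce == D:", bad == D)
```

Because r_b, s_b and k_b together determine the result of formula 6, the confidentiality of the stored file rests on k_b being readable only after W is decrypted with the support server's private key d_s.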

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011083060.6A CN112235115B (en) 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship

Publications (2)

Publication Number Publication Date
CN112235115A CN112235115A (en) 2021-01-15
CN112235115B true CN112235115B (en) 2023-05-12

Family

ID=74112090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011083060.6A Active CN112235115B (en) 2020-10-12 2020-10-12 Secret key protection method of cryptographic algorithm based on repudiation authentication relationship

Country Status (1)

Country Link
CN (1) CN112235115B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112948797B (en) * 2021-03-09 2023-07-28 北方实验室(沈阳)股份有限公司 Asymmetric key management system and method based on collaborative cryptographic algorithm

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104539423A (en) * 2014-12-16 2015-04-22 熊荣华 Achievement method of certificate-less public key cryptosystem without bilinear pairing operation
CN108847942A (en) * 2018-06-03 2018-11-20 李维刚 A kind of authentication method and system based on mark public key
CN110113150A (en) * 2019-04-08 2019-08-09 淮阴工学院 The encryption method and system of deniable authentication based on no certificate environment

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101116281A (en) * 2005-02-10 2008-01-30 国际商业机器公司 Challenge-response signatures and secure diffie-hellman protocols
EP2150027B1 (en) * 2008-07-31 2014-09-03 BlackBerry Limited Systems and methods for preserving auditable records of an electronic device
CN102163267A (en) * 2010-02-22 2011-08-24 成都市华为赛门铁克科技有限公司 Solid state disk as well as method and device for secure access control thereof
US9065637B2 (en) * 2012-01-25 2015-06-23 CertiVox Ltd. System and method for securing private keys issued from distributed private key generator (D-PKG) nodes
CN103067401B (en) * 2013-01-10 2015-07-01 天地融科技股份有限公司 Method and system for key protection
CN103095455B (en) * 2013-01-10 2015-11-18 天地融科技股份有限公司 The storage means of private key for user and the storage system of private key for user
CN109474436A (en) * 2018-12-14 2019-03-15 电子科技大学 A kind of deniable authentication method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant