CN112769560B - Key management method and related device - Google Patents
Key management method and related device Download PDFInfo
- Publication number
- CN112769560B CN112769560B CN202011637138.4A CN202011637138A CN112769560B CN 112769560 B CN112769560 B CN 112769560B CN 202011637138 A CN202011637138 A CN 202011637138A CN 112769560 B CN112769560 B CN 112769560B
- Authority
- CN
- China
- Prior art keywords
- key
- token
- management system
- ciphertext
- key management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application provides a key management method and a related device, wherein a system key is generated by calling an encryption machine through a key management system and by a special hardware device in the encryption machine, compared with a random number generated by a soft algorithm, the random number has stronger randomness, is more difficult to crack and reproduce, and improves the security of the system key. In addition, in the process that the application system requests the key from the key management system, the public and private key pair and the session key are used for encrypting the key token, so that the safety in the data transmission process is improved. And moreover, the system key issued to the application system by the key management system is encrypted and then issued, so that the transmission safety of the system key between the systems is further improved. In addition, the key management system is used for uniformly managing the system keys of different systems, so that the safety of the system keys is guaranteed, and the manpower and the equipment cost for designing the key keeping scheme by each system are saved.
Description
Technical Field
The present application relates to the field of information security technologies, and in particular, to a key management method and a related device.
Background
The key is an algorithm input parameter for converting a plaintext into a ciphertext or converting a ciphertext into a plaintext, and can be used for encrypting private information so as to improve the safety of the information. For example, sensitive data transmitted between systems is encrypted, files stored in a system archive are encrypted, and the like.
In order to prevent the information from being leaked in the transmission or storage process, the information can be encrypted by a key through a known algorithm and then transmitted and stored. But since the algorithm is public, the security and confidentiality of the key directly determines the security and confidentiality of the encrypted data.
Because the conditions are limited, the key encrypted by the system is mostly generated by a soft algorithm in a pseudo-random manner, the generated key is stored in a local configuration file or a database in a plaintext manner or is stored after simple transformation, and the risk of breaking the key is high. Once the key stored locally is leaked, the system faces serious security risks, and once the key is lost due to improper key management, the encrypted file cannot be recovered, so that huge losses are caused to users or enterprises. Therefore, the generation, transmission and proper storage of the key, i.e. how to manage the key securely, have been important issues in the encryption and decryption process.
Disclosure of Invention
In order to solve the technical problems in the prior art, the present application provides a key management method and a related device, which implement secure management of a key.
In one aspect, an embodiment of the present application provides a key management method, where the method includes:
acquiring a first key request sent by a target system; the key token in the first key request is generated by calling an encryption machine through a key management system;
encrypting the key token by using a session key and a public key sent by the key management system to generate a token ciphertext;
sending a second key request to the key management system so that the key management system can determine whether the target system is legal or not according to the decrypted key token after decrypting the token ciphertext by using a private key corresponding to the public key;
acquiring a key ciphertext transmitted by the key management system when the target system is confirmed to be legal; the key before the encryption of the key ciphertext is generated by calling an encryption machine through the key management system;
decrypting the key ciphertext sent by the key management system to generate a decrypted system key;
and sending the decrypted system key to the target system.
In a possible implementation manner, after the obtaining the first key request sent by the target system, the method further includes:
determining whether the target system is legal or not according to the application code of the target system and the key token in the first key request;
and if so, encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
In a possible implementation manner, the encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext includes:
encrypting the session key by using the public key sent by the key management system to generate a session ciphertext;
and encrypting the session ciphertext and the key token by using the session key to generate the token ciphertext.
In one possible implementation, the public key is obtained from the key management system according to the system code in the first key request; the session key is randomly generated.
In a possible implementation manner, after the key management system decrypts the token ciphertext by using a private key corresponding to the public key, determining whether the target system is legal according to the decrypted key token includes:
the key management system decrypts the session ciphertext by using a private key corresponding to the public key to generate a decrypted session key;
decrypting the token ciphertext by using the decrypted session key to generate a decrypted key token;
and determining whether the target system is legal or not according to the decrypted key token.
In one possible implementation, the method further includes:
if the key management system decrypts the token ciphertext by using a private key corresponding to the public key, confirming that the target system is illegal according to the decrypted key token, and acquiring an error message returned by the key management system;
and sending the error response message corresponding to the first key request to the target system according to the error message.
On the other hand, an embodiment of the present application provides a key management device, which includes an obtaining unit, an encrypting unit, a sending unit, and a decrypting unit:
the acquiring unit is used for acquiring a first key request sent by a target system; the key token in the first key request is generated by calling an encryption machine through a key management system;
the encryption unit is used for encrypting the key token by using a session key and a public key sent by the key management system to generate a token ciphertext;
the sending unit is configured to send a second key request to the key management system, so that the key management system determines whether the target system is legal according to the decrypted key token after decrypting the token ciphertext by using a private key corresponding to the public key;
the acquiring unit is used for acquiring a key ciphertext sent by the key management system when the target system is confirmed to be legal; the key before the encryption of the key ciphertext is generated by calling an encryption machine through the key management system;
the decryption unit is used for decrypting the key ciphertext sent by the key management system to generate a decrypted key;
the sending unit is configured to send the decrypted key to the target system.
In one possible implementation, the apparatus further includes a determining unit:
the determining unit is configured to determine, after the first key request sent by the target system is obtained, whether the target system is legal according to the application code of the target system and the key token in the first key request;
and if so, triggering the sending unit, and executing the step of encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
In a possible implementation manner, the determining unit is further configured to determine, after the first key request sent by the target system is obtained, whether the target system is legal according to the application code of the target system and the key token in the first key request;
if yes, triggering the encryption unit, and executing the step of encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
In a possible implementation manner, the encryption unit is configured to:
encrypting the session key by using the public key sent by the key management system to generate a session ciphertext;
and encrypting the session ciphertext and the key token by using the session key to generate the token ciphertext.
In one possible implementation, the public key is obtained from the key management system according to the system code in the first key request; the session key is randomly generated.
In a possible implementation manner, the determining unit is configured to:
the key management system decrypts the session ciphertext by using a private key corresponding to the public key to generate a decrypted session key;
decrypting the token ciphertext by using the decrypted session key to generate a decrypted key token;
and determining whether the target system is legal or not according to the decrypted key token.
In a possible implementation manner, the obtaining unit is further configured to, if the key management system decrypts the token ciphertext by using the private key corresponding to the public key, determine that the target system is illegal according to the decrypted key token, and obtain an error message returned by the key management system;
the sending unit is further configured to send the error response message corresponding to the first key request to the target system according to the error message.
In another aspect, an embodiment of the present application provides a computer device, where the computer device includes a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method of the above aspect according to instructions in the program code.
In another aspect, an embodiment of the present application provides a computer-readable storage medium for storing a computer program for executing the method of any one of the above aspects.
According to the technical scheme, the system key is generated by a special hardware device in the encryption machine by calling the encryption machine through the key management system, and compared with a random number generated by a soft algorithm, the random number generated by the encryption machine is stronger in randomness, higher in difficulty of being cracked and reproduced, and higher in security of the system key. In addition, in the process that the application system requests the key from the key management system, the public and private key pair and the session key are used for encrypting the key token, so that the safety in the data transmission process is improved. And moreover, the system key issued to the application system by the key management system is encrypted and then issued, so that the transmission safety of the system key between the systems is further improved. In addition, the key management system is used for uniformly managing the system keys of different systems, so that the safety of the system keys is guaranteed, and the manpower and the equipment cost for designing the key keeping scheme by each system are saved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic flowchart of a key management method according to an embodiment of the present application;
fig. 2 is a schematic flowchart of another key management method according to an embodiment of the present application;
fig. 3 is a schematic flowchart of another key management method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a key management device according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Since the keys generated by the soft algorithm are generally pseudo-random numbers, the risk of cracking is high, and the keys stored locally have the risk of being lost and leaked, so that users and enterprises face serious risks and losses once lost or leaked. In view of this, embodiments of the present application provide a key management method and a related apparatus, which improve security of a key.
The key management method provided by the embodiment of the application can be applied to key management equipment with data processing capacity, such as terminal equipment or a server, the method can be independently executed through the terminal equipment, can also be independently executed through the server, and can also be applied to a network scene of communication between the terminal equipment and the server, and the method can be executed through the cooperation of the terminal equipment and the server. The terminal equipment can be a mobile phone, a desktop computer, a portable computer and the like; the server may be understood as an application server or a Web server, and in actual deployment, the server may be an independent server or a cluster server.
In practical applications, the key management device may specifically correspond to a system Interface layer, such as an Application Programming Interface (API), for executing the key management method provided in the embodiment of the present Application. For convenience of description, the following describes embodiments of the present application with a terminal device as a key management device.
Referring to fig. 1, fig. 1 is a schematic flowchart of a key management method according to an embodiment of the present application. As shown in fig. 1, the key management method includes the steps of:
s101: and acquiring a first key request sent by a target system.
In a process of requesting a system key by a target system, a terminal device acquires a first key request sent by the target system, wherein the first key request comprises a key Token (Token) of the target system. Wherein the key token is a credential for obtaining a system key of the target system.
In the embodiment of the application, the key token of the target system is generated in advance by calling a hardware encryption machine through a key management system and is issued to the target system. The target system may request the system key from the key management system using the key token. In the process of issuing the key token by the key management system, the key token can be distributed to each application system in an asymmetric encryption mode, so that the security of transmitting the key token between the systems is improved.
In practical applications, the first key request may further include a key type (type) corresponding to a system key to be acquired by the target system, an application code (AppCode) of the target system, and an application code (PKCode) of the public key. The key type is used for identifying the category of the system key which is requested to be obtained by the target system at this time.
Referring to fig. 2, fig. 2 is a schematic view of an application scenario provided in the embodiment of the present application. As shown in fig. 2, includes a target system, an access API, and a key management system.
In the scenario shown in fig. 2 where the target system requests the system key from the key management system, the target system first sends a first key request to the access API, where the first key request includes a key token, a key type, an application code, and an application code of a public key of the target system, that is, step 201 shown in fig. 2.
Considering the situation that the key token issued to the target system is leaked or reproduced, namely, the key token is used for pseudo-pretending a legal system to acquire the key, so that the possibility of system key leakage exists. In view of this, the present embodiment provides a possible implementation manner, that is, the target system is legally verified according to the application code and the key token of the target system in the first key request.
Because the application code of the target system identifies the identity of the target system in the key management system, if the application code of the target system is consistent with the key token, or the application code of the target system is determined to have an association relation with the key token, the identity of the target system is legal, that is, the target system has the authority of requesting to acquire the system key from the key management system.
If the application code of the target system is not consistent with the key token, or the application code of the target system is determined to be not in association with the key token, the identity of the target system is illegal, namely the target system does not have the authority of requesting to acquire the system key from the key management system.
In practical application, if the identity of the target system is determined to be illegal, the terminal device may send an error code to the target system to prompt the target system that the system key acquisition fails.
The validity of the target system is verified, so that the validity of the application system requesting the key is verified, the authority of the application system requesting the key is verified from the level of the system level, and the security of key management is improved.
S102: and encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
Because the information is intercepted or maliciously attacked in the data transmission process, in order to improve the security of data transmission in the key request process, the public and private key pair and the session key can be used for encrypting the key token to generate a key ciphertext, and the system key is requested to be obtained in the form of the key ciphertext.
The terminal device may perform interactive communication with the key management system according to the application code of the public key in the first key request in S101, and obtain the public key from the key management system. The public key and the private key form a key pair, and may be generated by an asymmetric encryption algorithm, for example: RSA algorithm, SM2 algorithm, etc. The public key is a public part and the private key is a non-public part. In the embodiment of the present application, the public key is used to encrypt the session key.
In practical application, because the application system and the interface layer perform data interaction in a code form, and the interface API and the key management system perform data interaction in a character string form, before requesting a public key from the key management system according to an application code of the public key, the application codes of the public key need to be subjected to character string splicing processing, so as to obtain a corresponding public key number.
As shown in fig. 2, the access API requests the key management system for a corresponding public key according to the public key number. The key management system obtains and returns the corresponding public key to the access API according to the public key number, i.e. steps 202 and 203.
The session key (SessionKey) is also referred to as a transmission key, and is used for encrypting a working key in a key transmission process. In the embodiment of the application, the session key is used for encrypting the key token, so that the security of the transmission of the key token between systems is further improved.
In one possible implementation, the session key may be generated in a random manner, for example: the SM4 algorithm or the DES algorithm is used for randomly generating the session key, so that the randomness of the session key is improved, and the security of transmitting the key token by using the session key is further improved.
The terminal device randomly generates a session key after receiving the public key sent by the key management system (i.e., step 204 in fig. 2), and destroys the session key after the first key request is finished, i.e., the application system requests the key management system to acquire the system key once, and correspondingly generates a session key, thereby improving the security of data transmission in the process of requesting the system key from the key management system by the application system.
In a possible implementation manner, the session key may be encrypted by using the public key sent by the key management system to generate a session ciphertext, and then the session key is used to encrypt the session ciphertext and the key token to generate a token ciphertext, for the process of S102, generating the token ciphertext by using the public key and the key token. The encryption process may be implemented by using an asymmetric encryption algorithm, such as an RSA algorithm, an SM2 algorithm, and the like. As shown in step 205 in fig. 2, the access API encrypts the key token by using the session key and the public key to obtain an encrypted token ciphertext and a session ciphertext.
The key token is encrypted by using the public key and the session key, so that the transmission safety of the key token between systems is improved, and the safety of the data transmission process between the systems is improved.
S103: and sending a second key request to the key management system so that the key management system can determine whether the target system is legal or not according to the decrypted key token after decrypting the token ciphertext by using a private key corresponding to the public key.
After the terminal device generates the token ciphertext, a second key request may be generated based on the token ciphertext and sent to the key management system. Based on S101, the first key request includes the application code of the target system and the application code of the public key. Because the application system and the interface layer perform data interaction in a code form, and the interface API and the key management system perform data interaction in a character string form, before transmitting the application code of the target system and the application code of the public key to the key management system, the application code of the target system and the application code of the public key need to be subjected to character string splicing processing, so as to obtain a corresponding system number and a corresponding public key number.
In practical applications, the second key request includes a token ciphertext, a session ciphertext, a system number, a public key number, and a key type. And after receiving the second key request, the key management request analyzes data included in the second key request by using a private key corresponding to the public key, and verifies the legality of the target system by using the obtained key token.
In one possible implementation, the key management system obtains a corresponding private key by using the public key number, decrypts the session ciphertext by using the private key to obtain a decrypted session key, and then decrypts the token ciphertext by using the decrypted session key to obtain a decrypted key token, as shown in step 206 in fig. 2. The key management system obtains the corresponding key token by using the system number, compares the key token with the decrypted key token, and determines whether the target system is legal according to a comparison result indicating whether the two key tokens are consistent, as shown in step 207 in fig. 2.
If the two key tokens are consistent, the target system is determined to be legal, that is, the target system has the authority to acquire the system key, and the following steps S104 to S106 are continuously executed.
And if the two key tokens are inconsistent, the target system is determined to be illegal, namely the target system does not have the authority of acquiring the system key. In this case, the terminal device obtains an error message returned by the key management system, then performs transcoding on the error message, and sends an error response message corresponding to the first key request to the target system, so that the target system performs error processing. Wherein the error response message identifies the key request failure.
As shown in steps 208-210 of fig. 2, the key management system assembles an error message based on the comparison and sends the error message to the access API. And the access API analyzes the error message and sends an error response message to the target system, so that the target system performs error processing.
The encrypted token ciphertext is decrypted by the private key, so that the validity of the system key requested by the application system is verified, the security management of the key by the key management system is realized, and the security of system information is improved.
S104: and acquiring a key ciphertext transmitted by the key management system when the target system is confirmed to be legal.
Based on the above S103, if the key management system confirms that the target system is legal, it indicates that the target system has the right to request the system key. In this case, the key management system obtains the system key of the target system according to the key token, so as to issue the system key to the target system.
In practical applications, in order to improve security management of the key, a master encryption method is used to encrypt and store the system key of the key management system. If the key management system confirms that the identity of the target system is legal, the key management system can acquire the corresponding main encrypted system key according to the system number, and decrypt the main encrypted system key to obtain the decrypted system key. Then, the system key may be encrypted by using the session key decrypted in S103 to generate a key ciphertext, and the key ciphertext is sent to the target system.
As shown in step 211 in fig. 2, the key management system queries and obtains the system key encrypted by the master from the key repository, performs transcryption on the system key, and returns a key ciphertext to the access API.
The system key of the key management system is encrypted and stored, so that the security of the key in the key management system is improved.
S105: and decrypting the key ciphertext sent by the key management system to generate a decrypted system key.
As shown in step 212 in fig. 2, after obtaining the key ciphertext returned by the key management system, the access API decrypts the key ciphertext by using the session key, generates a decrypted key, and destroys the session key.
S106: and sending the decrypted system key to the target system.
As shown in step 213 of fig. 2, the access API sends the decrypted key to the target system, i.e., the target system obtains the decrypted system key, i.e., the key plaintext.
In the key management method provided by the embodiment, the system key is generated by the special hardware device in the encryption machine by calling the encryption machine through the key management system, and compared with a random number generated by a soft algorithm, the random number has stronger randomness, is more difficult to crack and reproduce, and improves the security of the system key. In addition, in the process that the application system requests the key from the key management system, the public and private key pair and the session key are used for encrypting the key token, so that the safety in the data transmission process is improved. And moreover, the system key issued to the application system by the key management system is encrypted and then issued, so that the transmission safety of the system key between the systems is further improved. In addition, the key management system is used for uniformly managing the system keys of different systems, thereby ensuring the security of the system keys and saving the manpower and equipment cost for designing the key keeping scheme of each system.
For the key management method provided by the foregoing embodiment, an embodiment of the present application further provides a computer storage medium, where the computer storage medium is used to store a computer program, and the computer program is used to execute the key management method provided by the foregoing embodiment. In practical applications, the computer program may be an executable code written in the Java language, and the code execution process is specifically shown in fig. 3 and will not be described herein again.
In addition, the embodiment of the application also provides a key management device. Referring to fig. 4, fig. 4 is a schematic structural diagram of a key management device according to an embodiment of the present application. As shown in fig. 4, the key management apparatus 400 includes an acquisition unit 401, an encryption unit 402, a transmission unit 403, and a decryption unit 404:
the obtaining unit 401 is configured to obtain a first key request sent by a target system; the key token in the first key request is generated by calling an encryption machine through a key management system;
the encrypting unit 402 is configured to encrypt the key token by using a session key and a public key sent by the key management system, so as to generate a token ciphertext;
the sending unit 403 is configured to send a second key request to the key management system, so that the key management system determines whether the target system is legal according to the decrypted key token after decrypting the token ciphertext by using the private key corresponding to the public key;
the obtaining unit 401 is configured to obtain a key ciphertext sent by the key management system when the target system is determined to be legal; the key before the encryption of the key ciphertext is generated by calling an encryption machine through the key management system;
the decryption unit 404 is configured to decrypt the key ciphertext sent by the key management system, and generate a decrypted key;
the sending unit 403 is configured to send the decrypted key to the target system.
In one possible implementation, the apparatus further includes a determining unit:
the determining unit is configured to determine, after the first key request sent by the target system is obtained, whether the target system is legal according to the application code of the target system and the key token in the first key request;
if yes, triggering the sending unit 403, and executing the step of encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
In a possible implementation manner, the determining unit is further configured to determine, after the first key request sent by the target system is obtained, whether the target system is legal according to the application code of the target system and the key token in the first key request;
if yes, triggering the encryption unit 402 to perform the step of encrypting the key token by using the session key and the public key sent by the key management system to generate a token ciphertext.
In a possible implementation manner, the encryption unit 402 is configured to:
encrypting the session key by using the public key sent by the key management system to generate a session ciphertext;
and encrypting the session ciphertext and the key token by using the session key to generate the token ciphertext.
In one possible implementation, the public key is obtained from the key management system according to the system code in the first key request; the session key is randomly generated.
In a possible implementation manner, the determining unit is configured to:
the key management system decrypts the session ciphertext by using a private key corresponding to the public key to generate a decrypted session key;
decrypting the token ciphertext by using the decrypted session key to generate a decrypted key token;
and determining whether the target system is legal or not according to the decrypted key token.
In a possible implementation manner, the obtaining unit 401 is further configured to, if the key management system decrypts the token ciphertext by using the private key corresponding to the public key, determine that the target system is illegal according to the decrypted key token, and obtain an error message returned by the key management system;
the sending unit 403 is further configured to send the error response message corresponding to the first key request to the target system according to the error message.
In the key management apparatus provided in the above embodiment, the system key is generated by the special hardware device in the encryption engine by calling the encryption engine through the key management system, and compared with a random number generated by a soft algorithm, the randomness of the system key is higher, the difficulty of being cracked and reproduced is higher, and the security of the system key is improved. In addition, in the process that the application system requests the key from the key management system, the public and private key pair and the session key are used for encrypting the key token, so that the safety in the data transmission process is improved. And moreover, the system key issued to the application system by the key management system is encrypted and then issued, so that the transmission safety of the system key between the systems is further improved. In addition, the key management system is used for uniformly managing the system keys of different systems, thereby ensuring the security of the system keys and saving the manpower and equipment cost for designing the key keeping scheme of each system.
In addition, the present application further provides a computer device, which includes a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to execute the key management method provided by the above embodiment according to the instructions in the program code.
It will be understood by those skilled in the art that all or part of the steps of implementing the above method embodiments may be implemented by hardware associated with program instructions, and that the program may be stored in a computer readable storage medium, and when executed, performs the steps including the above method embodiments; and the aforementioned storage medium may be at least one of the following media: various media that can store program codes, such as read-only memory (ROM), RAM, magnetic disk, or optical disk.
It should be noted that, in the present specification, all the embodiments are described in a progressive manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus and system embodiments, since they are substantially similar to the method embodiments, they are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described embodiments of the apparatus and system are merely illustrative, and the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only one specific embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (8)
1. A method of key management, the method comprising:
acquiring a first key request sent by a target system; the key token in the first key request is generated by calling an encryption machine through a key management system;
determining whether the target system is legal or not according to the application code of the target system and the key token in the first key request;
if the key is legal, encrypting the key token by using a session key and a public key sent by the key management system to generate a token ciphertext;
sending a second key request to the key management system so that the key management system can determine whether the target system is legal or not according to the decrypted key token after decrypting the token ciphertext by using a private key corresponding to the public key;
acquiring a key ciphertext transmitted by the key management system when the target system is confirmed to be legal; the key before the encryption of the key ciphertext is generated by calling an encryption machine through the key management system;
decrypting the key ciphertext sent by the key management system to generate a decrypted system key;
and sending the decrypted system key to the target system.
2. The method of claim 1, wherein encrypting the key token using a session key and a public key sent by the key management system to generate a token ciphertext comprises:
encrypting the session key by using the public key sent by the key management system to generate a session ciphertext;
and encrypting the session ciphertext and the key token by using the session key to generate the token ciphertext.
3. The method of claim 2, wherein the public key is obtained from the key management system according to system code in the first key request; the session key is randomly generated.
4. The method of claim 2, wherein after the key management system decrypts the token ciphertext with a private key corresponding to the public key, determining whether the target system is legal according to the decrypted key token comprises:
the key management system decrypts the session ciphertext by using a private key corresponding to the public key to generate a decrypted session key;
decrypting the token ciphertext by using the decrypted session key to generate a decrypted key token;
and determining whether the target system is legal or not according to the decrypted key token.
5. The method of claim 1, further comprising:
if the key management system decrypts the token ciphertext by using a private key corresponding to the public key, confirming that the target system is illegal according to the decrypted key token, and acquiring an error message returned by the key management system;
and sending an error response message corresponding to the first key request to the target system according to the error message.
6. A key management apparatus, characterized in that the apparatus comprises an acquisition unit, a determination unit, an encryption unit, a transmission unit, and a decryption unit:
the acquiring unit is used for acquiring a first key request sent by a target system; the key token in the first key request is generated by calling an encryption machine through a key management system;
the determining unit is used for determining whether the target system is legal or not according to the application code of the target system and the key token in the first key request;
the encryption unit is used for encrypting the key token by using a session key and a public key sent by the key management system to generate a token ciphertext;
the sending unit is configured to send a second key request to the key management system, so that the key management system determines whether the target system is legal according to the decrypted key token after decrypting the token ciphertext by using a private key corresponding to the public key;
the acquiring unit is used for acquiring a key ciphertext sent by the key management system when the target system is confirmed to be legal; the key before the encryption of the key ciphertext is generated by calling an encryption machine through the key management system;
the decryption unit is used for decrypting the key ciphertext sent by the key management system to generate a decrypted key;
the sending unit is configured to send the decrypted key to the target system.
7. A computer device, the computer device comprising a processor and a memory:
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to perform the method of any of claims 1-5 according to instructions in the program code.
8. A computer-readable storage medium, characterized in that the computer-readable storage medium is used to store a computer program for performing the method of any of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011637138.4A CN112769560B (en) | 2020-12-31 | 2020-12-31 | Key management method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011637138.4A CN112769560B (en) | 2020-12-31 | 2020-12-31 | Key management method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112769560A CN112769560A (en) | 2021-05-07 |
| CN112769560B true CN112769560B (en) | 2023-03-24 |
Family
ID=75698059
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011637138.4A Active CN112769560B (en) | 2020-12-31 | 2020-12-31 | Key management method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112769560B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106535184A (en) * | 2016-10-18 | 2017-03-22 | 深圳市金立通信设备有限公司 | Key management method and system |
| WO2018014723A1 (en) * | 2016-07-20 | 2018-01-25 | 腾讯科技(深圳)有限公司 | Key management method, apparatus, device and system |
| CN107948156A (en) * | 2017-11-24 | 2018-04-20 | 郑州云海信息技术有限公司 | The closed key management method and system of a kind of identity-based |
-
2020
- 2020-12-31 CN CN202011637138.4A patent/CN112769560B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018014723A1 (en) * | 2016-07-20 | 2018-01-25 | 腾讯科技(深圳)有限公司 | Key management method, apparatus, device and system |
| CN106535184A (en) * | 2016-10-18 | 2017-03-22 | 深圳市金立通信设备有限公司 | Key management method and system |
| CN107948156A (en) * | 2017-11-24 | 2018-04-20 | 郑州云海信息技术有限公司 | The closed key management method and system of a kind of identity-based |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112769560A (en) | 2021-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110855671B (en) | Trusted computing method and system | |
| CN114726643B (en) | Data storage and access methods and devices on cloud platform | |
| US20220191012A1 (en) | Methods For Splitting and Recovering Key, Program Product, Storage Medium, and System | |
| US11831753B2 (en) | Secure distributed key management system | |
| US20140270179A1 (en) | Method and system for key generation, backup, and migration based on trusted computing | |
| CN113541935B (en) | Encryption cloud storage method, system, equipment and terminal supporting key escrow | |
| CN111104691A (en) | Sensitive information processing method and device, storage medium and equipment | |
| CN108809936B (en) | Intelligent mobile terminal identity verification method based on hybrid encryption algorithm and implementation system thereof | |
| CN113626802B (en) | Login verification system and method for equipment password | |
| CN115473655B (en) | Terminal authentication method, device and storage medium for access network | |
| CN111865609A (en) | Private cloud platform data encryption and decryption system based on state cryptographic algorithm | |
| CN109379345B (en) | Sensitive information transmission method and system | |
| CN117240625B (en) | Tamper-resistant data processing method and device and electronic equipment | |
| CN112118245A (en) | Key management method, system and equipment | |
| CN112822021B (en) | Key management method and related device | |
| CN110807210B (en) | Information processing method, platform, system and computer storage medium | |
| CN113886793A (en) | Device login method, device, electronic device, system and storage medium | |
| CN107241341B (en) | Access control method and device | |
| CN112769560B (en) | Key management method and related device | |
| CN114553557A (en) | Key calling method, key calling device, computer equipment and storage medium | |
| CN112437436A (en) | Identity authentication method and device | |
| JP2013179473A (en) | Account generation management system, account generation management server, account generation management method, account generation management program | |
| CN113315749B (en) | User data uplink, user data using method, anonymous system and storage medium | |
| Culnane et al. | Formalising Application-Driven Authentication & Access-Control based on Users’ Companion Devices | |
| CN112632589A (en) | Key escrow method, device, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |