CN112887082A - Key generation method and device - Google Patents

Publication number: CN112887082A
Authority: CN (China)
Prior art keywords: user, key, generating, secret, private key
Legal status: Pending
Application number: CN202010968894.9A
Other languages: Chinese (zh)
Inventors: 程朝辉, 胡敦粮, 周广胜
Current Assignee: Shenzhen Aolian Information Security Technology Co ltd
Original Assignee: Shenzhen Aolian Information Security Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

The invention relates to the field of encryption methods, and provides a key generation method and a key generation device, which are used for solving the problem of regeneration after a key is lost. The key generation method provided by the invention comprises the following steps: generating a base secret; generating a temporary secret, the information on which the temporary secret is generated including, but not limited to, one or both of identification information, a base secret; generating a user claim public key and a first user portion private key, information required to generate the user claim public key including, but not limited to, a temporary secret; the information required to generate the first user portion private key includes, but is not limited to, one or more of a temporary secret, identification information, a base secret. The method and the device improve the safety, save the overhead, are suitable for regenerating the key after the entity key is lost, and are particularly suitable for application scenes such as the Internet of things and the like needing a lightweight public key algorithm.

Description

Key generation method and device
Technical Field
The invention relates to the field of encryption methods, in particular to a secret key generation method and a secret key generation device.
Background
In either an implicit certificate system or a certificateless system, some scenarios require that the key of an entity can be regenerated. For example, to prevent encrypted data from becoming undecryptable because an entity has lost its key, the system needs to regenerate the corresponding key when permitted.
Disclosure of Invention
The technical problem solved by the invention is regenerating a key after it has been lost; a key generation method is provided for this purpose.
In order to solve the technical problems, the technical scheme provided by the invention is as follows:
a method of key generation comprising:
generating a base secret;
generating a temporary secret, the information on which the temporary secret is generated including, but not limited to, one or both of identification information, a base secret;
generating a user claim public key, information required to generate the user claim public key including, but not limited to, a temporary secret;
generating a first user portion private key, the information required to generate the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
The user declaration public key and the first user part private key are generated by the trusted authority, combining the user identification and the user part public key. The method suits key-loss scenarios: the key can be regenerated as long as the user identification is determined.
The method and the device improve the safety, save the overhead, are suitable for regenerating the key after the entity key is lost, and are particularly suitable for application scenes such as the Internet of things and the like needing a lightweight public key algorithm.
Preferably, the method for generating the user declaration public key based on the temporary secret is: performing an elliptic curve operation on the temporary secret.
Preferably, the method for generating the first user part private key comprises the following steps:
generating a first value based on evaluating a hash function that produces a hash function output as a function of a hash function input, the hash function input including but not limited to information of a user-declared public key;
generating a first user-part private key based on the temporary secret, the first value, and the base secret.
Preferably, the method further comprises the following steps:
obtaining a second value based on evaluating a hash function, the evaluating the hash function producing a hash function output from a hash function input, the hash function input including but not limited to the identification information;
the purpose of the second value includes, but is not limited to, generating a first user portion private key, generating a temporary secret. The second value may be used to generate the first user portion private key to improve security.
Preferably, the method further comprises the following steps:
generating a master private key, the use of which includes, but is not limited to, generating a temporary secret, the method of generating the master private key comprising: deriving the master private key from the base secret, or generating it randomly;
and obtaining a master public key based on elliptic curve operation on the master private key, wherein the master public key is used for generating a temporary secret.
Preferably, the method further comprises the following steps:
acquiring a user part public key;
the purpose of the user part public key includes but is not limited to generating a temporary secret, generating a user declaration public key. If the user part public key is not lost, the key can be more safely regenerated according to the user part public key.
Preferably, the method of generating the temporary secret is:
generating an intermediate secret whose length is greater than or equal to $\log_2 n$, converting the intermediate secret into a large number, and computing the temporary secret from it; $n$ is the order of a base point on the elliptic curve; the information needed to generate the intermediate secret includes, but is not limited to, identification information, a base secret. The length of the temporary secret is adjusted to improve security.
A method of key generation, comprising:
sending information required by key generation, wherein the information required by key generation comprises but is not limited to identification information;
obtaining return information including, but not limited to, a user claim public key and a first user portion private key;
a user private key is generated, and the information required to generate the user private key includes, but is not limited to, the first user partial private key.
Preferably, the method further comprises the following steps:
generating a random number as a second user part private key;
carrying out elliptic curve operation on the second user part private key to obtain a user part public key;
the information required by the key generation also comprises a user part public key; the information required to generate the user private key also includes a second user partial private key.
A key generation apparatus comprising a key generation center, the key generation center comprising:
a base secret generation module that generates a base secret;
a temporary secret generation module that generates a temporary secret based on information including, but not limited to, one or both of identification information, a base secret;
the user declaration public key generating module generates a user declaration public key, and information required for generating the user declaration public key comprises but is not limited to a temporary secret;
a first user portion private key generation module, the first user portion private key generation module generating information required by the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
A key generation apparatus comprising an entity, the entity comprising:
the information submitting module sends information required by key generation, wherein the information required by key generation comprises but is not limited to identification information;
a return information obtaining module, which obtains return information, including but not limited to a user declaration public key and a first user part private key;
a user private key generation module, the user private key generation module generating information required by the user private key including but not limited to the first user partial private key.
Compared with the prior art, the invention has the beneficial effects that: the method and the device improve the safety, save the overhead, are suitable for regenerating the key after the entity key is lost, and are particularly suitable for application scenes such as the Internet of things and the like needing a lightweight public key algorithm.
As long as the user ID is determined, the temporary secret $w$ generated from the ID is determined, the user part private key $t_A$ generated from the temporary secret is determined, and the resulting user private key $d_A$ is also determined, so the key can be regenerated whenever the user ID is determined.
Drawings
Fig. 1 is a schematic diagram of a key generation method.
Fig. 2 is another schematic diagram of a key generation method.
Fig. 3 is another schematic diagram of a key generation method.
Detailed Description
The following examples are further illustrative of the present invention and are not intended to be limiting thereof.
A key generation method, in some embodiments of the present application, comprising:
generating a base secret;
generating a temporary secret, the information on which the temporary secret is generated including, but not limited to, one or both of identification information, a base secret;
generating a user claim public key, information required to generate the user claim public key including, but not limited to, a temporary secret;
generating a first user portion private key, the information required to generate the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
The user declaration public key and the first user part private key are generated by the trusted authority, combining the user identification and the user part public key. The method suits key-loss scenarios: the key can be regenerated as long as the user identification is determined.
The method and the device improve the safety, save the overhead, are suitable for regenerating the key after the entity key is lost, and are particularly suitable for application scenes such as the Internet of things and the like needing a lightweight public key algorithm.
In some embodiments of the present application, comprising:
generating a base secret $ks$;
generating a temporary secret $w$ based on information including, but not limited to, one or both of the identification information $ID_A$ and the base secret $ks$;
generating a user declaration public key $W_A$, the information required to generate the user declaration public key $W_A$ including, but not limited to, the temporary secret $w$;
generating a first user portion private key $t_A$, the information required to generate the first user portion private key $t_A$ including, but not limited to, one or several of the temporary secret $w$, the identification information $ID_A$ and the base secret $ks$.
In some embodiments of the present application, the information on which the generation of the temporary secret $w$ is based includes, but is not limited to, the identification information $ID_A$ and the master private key $ms$ derived from the base secret $ks$.
In some embodiments of the present application, a KDF algorithm is employed to generate the temporary secret based on the identification information and the base secret: $w = \mathrm{KDF}(ID_A \| ks, len) \bmod n$, where $len$ is greater than or equal to $\log_2 n$. The KDF is a secure key derivation function that converts the derived value into a large number; its inputs include the data for derivation and the derived bit length.
In some embodiments of the present application, the method for generating the user declaration public key based on the temporary secret is: performing an elliptic curve operation on the temporary secret, $W_A = [w]G$. $G$ is a base point of the elliptic curve, and the order of the base point is prime.
In some embodiments of the present application, the method of generating the first user part private key $t_A$ comprises:
generating a first value $\lambda$ based on evaluating a hash function, the evaluating of the hash function producing a hash function output from a hash function input, the hash function input including, but not limited to, information of the user declaration public key $W_A$;
generating the first user part private key $t_A$ based on the temporary secret $w$, the first value $\lambda$ and the base secret $ks$: $t_A = (w + \lambda \cdot ks) \bmod n$.
In some embodiments of the application, a master private key $ms$ is derived based on the base secret $ks$.
In some embodiments of the present application, a random number is randomly generated as the master private key $ms$. In some embodiments of the present application, the master public key $P_{pub}$ is obtained by performing an elliptic curve operation on the master private key $ms$: $P_{pub} = [ms]G$.
In some embodiments of the present application, the first user part private key $t_A$ is generated based on the temporary secret $w$, the first value $\lambda$ and the master private key $ms$ derived from the base secret $ks$: $t_A = (w + \lambda \cdot ms) \bmod n$, where $n$ is the order of the base point on the elliptic curve.
In some embodiments of the present application, $\lambda = H_{256}(x_{W_A} \| y_{W_A} \| ID_A) \bmod n$, where $(x_{W_A}, y_{W_A})$ are the coordinates of the user declaration public key $W_A$. In this embodiment, the information of the user declaration public key and the user identification are concatenated as the input to the hash function.
In some embodiments of the present application, further comprising:
obtaining a second value $H_A$ based on evaluating a hash function, the evaluating of the hash function producing a hash function output from a hash function input, the hash function input including, but not limited to, the identification information $ID_A$;
the uses of the second value $H_A$ include, but are not limited to, generating the first user portion private key $t_A$.
In some embodiments of the present application, the second value $H_A$ is obtained based on evaluating a hash function, the evaluating of the hash function producing a hash function output from a hash function input, the hash function input including, but not limited to, the identification $ID_A$ information: $H_A = H_{256}(ENTL_A \| ID_A)$. In this embodiment, the identification $ID_A$ and the string length $ENTL_A$ of the identification are taken as input: $ID_A$ and $ENTL_A$ are concatenated and used as the input of the hash function to calculate the second value $H_A$.
In some embodiments of the present application, the second value $H_A$ is obtained based on evaluating a hash function, the evaluating of the hash function producing a hash function output from a hash function input, the hash function input including the identification $ID_A$ information and the master public key $P_{pub}$ obtained by an elliptic curve operation on the master private key $ms$, $P_{pub} = [ms]G$: $H_A = H_{256}(ENTL_A \| ID_A \| a \| b \| x_G \| y_G \| x_{Pub} \| y_{Pub})$. In this embodiment, the identification $ID_A$, the string length $ENTL_A$ of the identification and the master public key $P_{pub}$ information are taken as input; the master public key $P_{pub}$ information includes the parameters $(a, b)$ defining the elliptic curve $E$, the coordinates $(x_G, y_G)$ of the base point $G$ on the elliptic curve $E$, and the coordinates $(x_{Pub}, y_{Pub})$ of the master public key $P_{pub}$ on the defined elliptic curve.
In some embodiments of the present application, $w = \mathrm{KDF}(H_A \| ks, len) \bmod n$, where $len$ is greater than or equal to $\log_2 n$. In this embodiment, using the second value $H_A$ generated from the user identification $ID_A$ as the basis for generating the temporary secret $w$ can improve security in the key regeneration process.
In some embodiments of the present application, the method of generating the first user part private key $t_A$ comprises:
obtaining a second value $H_A$ based on evaluating a hash function, the evaluating of the hash function producing a hash function output from a hash function input, the hash function input including, but not limited to, the identification $ID_A$ information and information of the master public key $P_{pub}$ obtained by an elliptic curve operation on the master private key $ms$: $H_A = H_{256}(ENTL_A \| ID_A \| a \| b \| x_G \| y_G \| x_{Pub} \| y_{Pub})$;
generating a first value $\lambda$ based on evaluating a hash function that produces a hash function output from a hash function input, the hash function input including, but not limited to, information of the user declaration public key $W_A$ and the identification $ID_A$ information; in this embodiment the identification $ID_A$ information is the second value $H_A$ generated from the identification $ID_A$: $\lambda = H_{256}(x_{W_A} \| y_{W_A} \| H_A) \bmod n$, where $(x_{W_A}, y_{W_A})$ are the coordinates of the user declaration public key $W_A$;
generating the first user part private key $t_A$ based on the temporary secret $w$, the first value $\lambda$ and the base secret $ks$: $t_A = (w + \lambda \cdot ks) \bmod n$.
The second value may be used to generate the first user portion private key to improve security.
In some embodiments of the present application, further comprising:
obtaining a user part public key $U_A$;
the uses of the user part public key $U_A$ include, but are not limited to, generating the temporary secret $w$ and generating the user declaration public key $W_A$.
In some embodiments of the present application, the method for generating the user declaration public key based on the temporary secret and the user part public key comprises: generating the user declaration public key $W_A$ from the result of the elliptic curve operation on the temporary secret $w$ and the user part public key $U_A$: $W_A = [w]G + U_A$.
If the user part public key is not lost, the key can be more safely regenerated according to the user part public key.
In some embodiments of the present application, the method of generating a temporary secret is:
generating an intermediate secret whose length is greater than or equal to $\log_2 n$, converting the intermediate secret into a large number, and obtaining by calculation a temporary secret less than $n$; $n$ is the order of a base point on the elliptic curve; the information needed to generate the intermediate secret includes, but is not limited to, identification information, a base secret.
In some embodiments of the present application, $w = \mathrm{KDF}(H_A \| x_U \| y_U \| ks,\ 8 \times \lceil (5 \times \log_2 n)/32 \rceil) \bmod n$, where $x_U$, $y_U$ are the coordinate values of $U_A$.
In some embodiments of the present application, $w = \mathrm{KDF}(H_A \| x_U \| y_U \| ms,\ 8 \times \lceil (5 \times \log_2 n)/32 \rceil) \bmod n$, where $ms$ is the master private key generated based on $ks$, or a randomly generated master private key.
The length of the temporary secret is adjusted to improve security.
A key generation method, in some embodiments of the present application, comprising:
issuing information required for key generation including, but not limited to, the identification $ID_A$ information;
obtaining return information including, but not limited to, a user declaration public key $W_A$ and a first user part private key $t_A$;
generating a user private key $d_A$, the information required for generating the user private key including, but not limited to, the first user part private key $t_A$.
In some embodiments of the present application, $d_A = t_A \bmod n$.
In some embodiments of the present application, the information required for key generation further includes a user part public key $U_A$, and the user part public key $U_A$ is generated as follows: generating a random number as the second user part private key $d'_A$, and performing an elliptic curve operation on $d'_A$ to obtain the user part public key $U_A = [d'_A]G$;
the information required to generate the user private key further comprises the second user part private key $d'_A$: $d_A = (t_A + d'_A) \bmod n$. In this embodiment, the second user part private key $d'_A$ may or may not be set to 0; further, in the above embodiments in which the user part public key $U_A$ does not need to be acquired, in effect $d'_A = 0$, and then $U_A = [d'_A]G = 0$.
A key generation method, in some embodiments of the present application, comprising:
a key generation center KGC generates a base secret $ks$;
entity A sends the identification $ID_A$ information to the key generation center KGC;
the key generation center KGC generates a temporary secret $w$ based on information including, but not limited to, one or both of the identification information $ID_A$ and the base secret $ks$: $w = \mathrm{KDF}(ID_A \| ks, len) \bmod n$, where $len$ is greater than or equal to $\log_2 n$;
generating a user declaration public key $W_A$, the information required to generate the user declaration public key $W_A$ including, but not limited to, the temporary secret $w$;
generating a first user portion private key $t_A$, the information required to generate the first user portion private key $t_A$ including, but not limited to, one or more of the temporary secret $w$, the identification information $ID_A$ and the base secret $ks$;
the entity A obtains the first user part private key $t_A$ and the user declaration public key $W_A$;
the entity A obtains the user private key $d_A$ based on the first user part private key $t_A$: $d_A = t_A \bmod n$.
A key generation method, in some embodiments of the present application, comprising:
S101. The key generation center KGC generates a base secret $ks$, derives a master private key $ms$ from $ks$, and generates a master public key $P_{pub}$ from the master private key $ms$: $P_{pub} = [ms]G$;
S102. The entity A generates a random number as a second user part private key $d'_A$ and, based on the second user part private key $d'_A$, generates a user part public key $U_A$: $U_A = [d'_A]G$;
S201. The entity A sends the identification $ID_A$ information and the user part public key $U_A$ to the key generation center KGC;
S202. The key generation center KGC obtains the user identification $ID_A$ information and the user part public key $U_A$;
S301. The key generation center KGC generates a second value $H_A$ based on evaluating a hash function; the input to the hash function comprises the user identification $ID_A$ information and the master public key $P_{pub}$ information: $H_A = H_{256}(ENTL_A \| ID_A \| a \| b \| x_G \| y_G \| x_{Pub} \| y_{Pub})$;
S302. The key generation center KGC, based on the second value $H_A$ and the base secret $ks$, generates an intermediate secret of length greater than or equal to $\log_2 n$ and converts the intermediate secret into a large number to obtain the temporary secret $w$: $w = \mathrm{KDF}(H_A \| x_U \| y_U \| ks,\ 8 \times \lceil (5 \times \log_2 n)/32 \rceil) \bmod n$;
S303. The key generation center KGC generates a user declaration public key $W_A$ based on the temporary secret $w$ and the user part public key $U_A$: $W_A = [w]G + U_A$;
S304. The key generation center KGC generates a second value $\lambda$ based on evaluating a hash function: $\lambda = H_{256}(x_{W_A} \| y_{W_A} \| H_A) \bmod n$;
S305. The key generation center KGC generates a first user part private key $t_A$ based on the second value $\lambda$, the temporary secret $w$ and the master private key $ms$: $t_A = (w + \lambda \cdot ms) \bmod n$;
S306. The key generation center KGC sends the user declaration public key $W_A$ and the first user part private key $t_A$ to entity A;
S401. The entity A obtains the first user part private key $t_A$ and the user declaration public key $W_A$;
S402. The entity A obtains the user private key $d_A$ based on the first user part private key $t_A$ and the second user part private key $d'_A$: $d_A = (t_A + d'_A) \bmod n$;
If $d_A$ is not greater than 0, regenerate $d'_A$ and recalculate $d_A$.
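The S101 to S402 flow above as a runnable sketch; this is an added example, not code from the patent. The page names no curve, hash or KDF, so secp256k1, SHA-256 and a counter-mode hash KDF are assumptions, as are the 2-byte encoding of ENTL_A, the derivation of ms from ks and all function names; the public-key relation checked at the end is derived from the page's equations rather than stated there.

```python
import hashlib
import math
import secrets

# Assumptions: secp256k1 stands in for the elliptic curve E, SHA-256 for H256,
# and a counter-mode hash construction for KDF (the page specifies none of them).
P = 2**256 - 2**32 - 977
A, B = 0, 7
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (GX, GY)
KLEN = 8 * math.ceil(5 * N.bit_length() / 32)  # 320 bits; log2(n) taken as bit length

def ec_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        m = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    acc = None  # [k]pt by double-and-add; not constant time, illustration only
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def i2b(x):
    return x.to_bytes(32, "big")

def h256(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def kdf(data, bitlen):
    """Assumed KDF: SHA-256 in counter mode, output read as a big integer."""
    out, ctr = b"", 1
    while len(out) * 8 < bitlen:
        out += h256(data, ctr.to_bytes(4, "big"))
        ctr += 1
    return int.from_bytes(out[: bitlen // 8], "big")

def second_value(user_id, p_pub):
    """H_A = H256(ENTL_A || ID_A || a || b || x_G || y_G || x_Pub || y_Pub)."""
    entl = (8 * len(user_id)).to_bytes(2, "big")  # assumed: 2-byte bit length of ID_A
    return h256(entl, user_id, *map(i2b, (A, B, GX, GY, *p_pub)))

def first_value(w_a, h_a):
    """lambda = H256(x_WA || y_WA || H_A) mod n."""
    return int.from_bytes(h256(i2b(w_a[0]), i2b(w_a[1]), h_a), "big") % N

class KGC:
    def __init__(self, ks):
        self.ks = ks                                # base secret (S101)
        self.ms = kdf(b"ms" + ks, KLEN) % N         # assumed derivation of ms from ks
        self.p_pub = ec_mul(self.ms, G)             # P_pub = [ms]G

    def issue(self, user_id, u_a):
        h_a = second_value(user_id, self.p_pub)                        # S301
        w = kdf(h_a + i2b(u_a[0]) + i2b(u_a[1]) + self.ks, KLEN) % N   # S302
        w_a = ec_add(ec_mul(w, G), u_a)                                # S303
        t_a = (w + first_value(w_a, h_a) * self.ms) % N                # S304, S305
        return w_a, t_a                                                # S306

def user_request():
    """S102: d'_A random in [1, n-1], U_A = [d'_A]G."""
    d2 = secrets.randbelow(N - 1) + 1
    return d2, ec_mul(d2, G)

def user_private_key(t_a, d2):
    """S402: d_A = (t_A + d'_A) mod n; on 0 the page regenerates d'_A."""
    d_a = (t_a + d2) % N
    if d_a == 0:
        raise ValueError("d_A is 0: regenerate d'_A and request again")
    return d_a

def implied_public_key(user_id, w_a, p_pub):
    """[d_A]G = W_A + [lambda]P_pub, derived from S303-S402 (not stated on the page)."""
    lam = first_value(w_a, second_value(user_id, p_pub))
    return ec_add(w_a, ec_mul(lam, p_pub))

def regeneration_demo():
    uid, kgc = b"device-0001", KGC(b"constructed base secret")  # constructed values
    d2, u_a = user_request()
    w_a, t_a = kgc.issue(uid, u_a)
    d_a = user_private_key(t_a, d2)
    consistent = ec_mul(d_a, G) == implied_public_key(uid, w_a, kgc.p_pub)
    regenerated = KGC(kgc.ks).issue(uid, u_a) == (w_a, t_a)  # fresh KGC, same inputs
    other_id = kgc.issue(b"device-0002", u_a) != (w_a, t_a)
    return consistent, regenerated, other_id
```

Because w and t_A depend only on ks, ID_A and U_A, anyone holding ks can recompute t_A for any identity, so the base secret needs the same protection as the master private key.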
A key generation apparatus, in some embodiments of the present application, comprising:
a base secret generation module that generates a base secret;
a temporary secret generation module that generates a temporary secret based on information including, but not limited to, one or both of identification information, a base secret;
the user declaration public key generating module generates a user declaration public key, and information required for generating the user declaration public key comprises but is not limited to a temporary secret;
a first user portion private key generation module, the first user portion private key generation module generating information required by the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
In some embodiments of the present application, the method for generating the user declaration public key by the temporary secret generation module based on the temporary secret is: performing an elliptic curve operation on the temporary secret.
Preferably, the method for generating the first user partial private key by the first user partial private key generating module is as follows:
generating a first value based on evaluating a hash function that produces a hash function output as a function of a hash function input, the hash function input including but not limited to information of a user-declared public key;
generating a first user-part private key based on the temporary secret, the first value, and the base secret.
In some embodiments of the present application, further comprising a second value generation module that obtains a second value based on evaluating a hash function that produces a hash function output from a hash function input, the hash function input including but not limited to the identification information;
the purpose of the second value includes, but is not limited to, generating a first user portion private key, generating a temporary secret. The second value may be used to generate the first user portion private key to improve security.
In some embodiments of the present application, the system further includes a user part public key obtaining module, where the user part public key obtaining module obtains a user part public key;
the purpose of the user part public key includes but is not limited to generating a temporary secret, generating a user declaration public key. If the user part public key is not lost, the key can be more safely regenerated according to the user part public key.
In some embodiments of the present application, the method for generating the temporary secret by the temporary secret generation module is:
generating an intermediate secret whose length is greater than or equal to $\log_2 n$, converting the intermediate secret into a large number, and obtaining by calculation a temporary secret less than $n$; $n$ is the order of a base point on the elliptic curve; the information needed to generate the intermediate secret includes, but is not limited to, identification information, a base secret. The length of the temporary secret is adjusted to improve security.
A key generation apparatus comprising an entity, the entity comprising:
the information submitting module sends information required by key generation, wherein the information required by key generation comprises but is not limited to identification information;
a return information obtaining module, which obtains return information, including but not limited to a user declaration public key and a first user part private key;
a user private key generation module, the user private key generation module generating information required by the user private key including but not limited to the first user partial private key.
In some embodiments of the present application, the system further comprises a first user portion private key generation module that generates a random number as the first user portion private key
The method for generating the user part public key by the user public key generation module comprises the steps of carrying out elliptic curve operation on the first user part private key to obtain a user part public key; the user part public key is included in the key generation information.
The above detailed description is specific to possible embodiments of the present invention, and the above embodiments are not intended to limit the scope of the present invention, and all equivalent implementations or modifications that do not depart from the scope of the present invention should be included in the present claims.

Claims (11)

1. A key generation method, comprising:
generating a base secret;
generating a temporary secret, the information on which the temporary secret is generated including, but not limited to, one or both of identification information, a base secret;
generating a user claim public key, information required to generate the user claim public key including, but not limited to, a temporary secret;
generating a first user portion private key, the information required to generate the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
2. The key generation method of claim 1, wherein the method for generating the user declaration public key based on the temporary secret is: performing an elliptic curve operation on the temporary secret.
3. The method of claim 1, wherein the method of generating the first user portion private key comprises:
generating a first value based on evaluating a hash function that produces a hash function output as a function of a hash function input, the hash function input including but not limited to information of a user-declared public key;
generating a first user-part private key based on the temporary secret, the first value, and the base secret.
4. The key generation method according to claim 1, further comprising:
obtaining a second value based on evaluating a hash function, the evaluating the hash function producing a hash function output from a hash function input, the hash function input including but not limited to the identification information;
the purpose of the second value includes, but is not limited to, generating a first user portion private key, generating a temporary secret.
5. The key generation method according to claim 1, further comprising:
generating a master private key, the uses of which include, but are not limited to, generating a temporary secret, the master private key being either generated based on a base secret or randomly generated;
and obtaining a master public key based on elliptic curve operation on the master private key, wherein the master public key is used for generating a temporary secret.
6. The key generation method according to claim 1, further comprising:
acquiring a user part public key;
the purpose of the user part public key includes but is not limited to generating a temporary secret, generating a user declaration public key.
7. The key generation method of claim 1, wherein the method of generating the temporary secret is:
generating an intermediate secret of length log2(n) or more, converting the intermediate secret into a large number, and then calculating the temporary secret from it; n is the order of a base point on the elliptic curve; the information needed to generate the intermediate secret includes, but is not limited to, identification information, a base secret.
8. A method of key generation, comprising:
sending information required by key generation, wherein the information required by key generation comprises but is not limited to identification information;
obtaining return information including, but not limited to, a user declaration public key and a first user portion private key;
generating a user private key, the information required to generate the user private key including, but not limited to, the first user partial private key.
9. The key generation method of claim 8, further comprising:
generating a random number as a second user part private key;
carrying out elliptic curve operation on the second user part private key to obtain a user part public key;
the information required by the key generation also comprises a user part public key; the information required to generate the user private key also includes a second user partial private key.
10. A key generation apparatus comprising a key generation center, the key generation center comprising:
a base secret generation module that generates a base secret;
a temporary secret generation module that generates a temporary secret based on information including, but not limited to, one or both of identification information, a base secret;
the user declaration public key generating module generates a user declaration public key, and information required for generating the user declaration public key comprises but is not limited to a temporary secret;
a first user portion private key generation module that generates a first user portion private key, the information required to generate the first user portion private key including, but not limited to, one or more of a temporary secret, identification information, a base secret.
11. A key generation apparatus comprising an entity, the entity comprising:
the information submitting module sends information required by key generation, wherein the information required by key generation comprises but is not limited to identification information;
a return information obtaining module, which obtains return information, including but not limited to a user declaration public key and a first user part private key;
a user private key generation module that generates a user private key, the information required to generate the user private key including but not limited to the first user partial private key.
CN202010968894.9A 2020-09-15 2020-09-15 Key generation method and device Pending CN112887082A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010968894.9A CN112887082A (en) 2020-09-15 2020-09-15 Key generation method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010968894.9A CN112887082A (en) 2020-09-15 2020-09-15 Key generation method and device

Publications (1)

Publication Number Publication Date
CN112887082A true CN112887082A (en) 2021-06-01

Family

ID=76042901

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010968894.9A Pending CN112887082A (en) 2020-09-15 2020-09-15 Key generation method and device

Country Status (1)

Country Link
CN (1) CN112887082A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013116928A1 (en) * 2012-02-10 2013-08-15 Connect In Private Corp. Method and system for a certificate-less authentication encryption (clae)
CN108471351A (en) * 2018-06-27 2018-08-31 西南交通大学 Car networking certifiede-mail protocol method based on no certificate aggregate signature
CN108989053A (en) * 2018-08-29 2018-12-11 武汉珈港科技有限公司 It is a kind of based on elliptic curve without CertPubKey cipher system implementation method
CN109818744A (en) * 2019-02-27 2019-05-28 矩阵元技术(深圳)有限公司 Shared secret key generation method, device, computer equipment and storage medium
CN111245847A (en) * 2020-01-15 2020-06-05 北京三未信安科技发展有限公司 Lightweight certificateless authentication method, client and system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
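ZHAOHUI CHENG et al.: "Certificateless Public Key Signature Schemes from Standard Algorithms", ISPEC 2018 *
State Cryptography Administration: "SM9 Identity-Based Cryptographic Algorithm, Part 3: Key Exchange Protocol", Cryptography Industry Standard of the People's Republic of China *
Cheng Zhaohui: "Efficient Certificateless Cryptosystem Based on Standard Algorithms", China Information Security *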

Similar Documents

Publication Publication Date Title
CN107438005B (en) SM9 joint digital signature method and device
US9515825B2 (en) Method for password based authentication and apparatus executing the method
JP2003318896A (en) Method for authenticating potential member invited to join group
WO2019047418A1 (en) Digital signature method, device and system
CN110336673B (en) Block chain design method based on privacy protection
KR20160029640A (en) System and method for key exchange based on authtication information
JP2006109107A (en) Signature formation method, signature verification method, public key distribution method, and information processing apparatus
JP3851258B2 (en) Pseudorandom number generator for improved ANSIIX 9.17 and improved FIPS186 with forward security
JP2022500920A (en) Systems and methods for sharing common secrets implemented by computers
CN111277417A (en) Electronic signature implementation method based on national network security technology architecture
CN113271209A (en) Trustable public key encryption system and method based on non-interactive zero-knowledge proof
CN111447065A (en) Active and safe SM2 digital signature two-party generation method
US6983369B2 (en) Authentication system, and contents-information sender and receiver
CN108199836B (en) Method and device for binding and unbinding key and equipment
CN112737783B (en) Decryption method and device based on SM2 elliptic curve
RU2533087C2 (en) Cryptography with parameterisation on elliptic curve
CN112887082A (en) Key generation method and device
JP5434925B2 (en) Multi-party distributed multiplication apparatus, multi-party distributed multiplication system and method
CN114499854B (en) Identity authentication method and system based on wireless sensor network and electronic equipment
CN116760530A (en) Lightweight authentication key negotiation method for electric power Internet of things terminal
CN107872312A (en) Symmetric key dynamic creation method, device, equipment and system
CN114465804B (en) Instruction encryption and decryption method capable of resisting replay attack
CN112131616B (en) Mask operation method and device for SM2 algorithm
CN112131613B (en) Mask operation method and device for SM2 algorithm
CN114710359B (en) Industrial network dynamic key management method and industrial network encryption communication method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210601
