CN113206739A - Key generation method and device for combined public key CPK and storage medium - Google Patents

Key generation method and device for combined public key CPK and storage medium Download PDF

Info

Publication number
CN113206739A
CN113206739A CN202110557692.XA CN202110557692A CN113206739A CN 113206739 A CN113206739 A CN 113206739A CN 202110557692 A CN202110557692 A CN 202110557692A CN 113206739 A CN113206739 A CN 113206739A
Authority
CN
China
Prior art keywords
key
mapping
alice
client
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110557692.XA
Other languages
Chinese (zh)
Other versions
CN113206739B (en
Inventor
南相浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinshang Bochuang Beijing Technology Co ltd
Original Assignee
Jinshang Bochuang Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinshang Bochuang Beijing Technology Co ltd filed Critical Jinshang Bochuang Beijing Technology Co ltd
Priority to CN202110557692.XA priority Critical patent/CN113206739B/en
Publication of CN113206739A publication Critical patent/CN113206739A/en
Application granted granted Critical
Publication of CN113206739B publication Critical patent/CN113206739B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The embodiment of the invention provides a secret key generation method and device of a Combined Public Key (CPK) and a storage medium, belonging to the technical field of information security. The method comprises the following steps: a service center (SVC) receives a key application message sent by a client, wherein the key application message comprises a user identifier and a key application type; generating a first half key according to the key application type, the first mapping key and the first half key of the key matrix; and sending the encrypted first half part of the key to the client so that the client can obtain the key to be used according to the first half part of the key and the second half part of the key stored locally. The embodiment of the invention is suitable for the processes of digital signature and data encryption.

Description

Key generation method and device for combined public key CPK and storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method and an apparatus for generating a key of a combined public key CPK, and a storage medium.
Background
CPK (Combined Public Key) is the first international identity-based Public Key system with digital signature and Key encryption functions. The CPK is simple in programming, large in combination quantity and high in operation speed. But with the development of networks, cyber crime is increasingly rampant. With the advent of quantum computers, crime techniques are increasingly sophisticated, providing new challenges to the traditional public key system, forcing people to adopt new techniques that disable exhaustive arithmetic.
Disclosure of Invention
Embodiments of the present invention provide a method, an apparatus, and a storage medium for generating a key of a combined public key CPK, which divide the key into two parts for storage, thereby improving security of a user key.
In order to achieve the above object, an embodiment of the present invention provides a key generation method for a CPK, where the method is applied to a service center SVC, and includes: receiving a key application message sent by a client, wherein the key application message comprises a user identifier and a key application type; generating a first half key according to the key application type, the first mapping key and the first half key of the key matrix; and sending the encrypted first half part of the key to the client so that the client can obtain the key to be used according to the first half part of the key and the second half part of the key stored locally.
Further, when the key application type is a first half of a private key of signature, the generating a first half of a key according to the key application type, the first mapping key, and the first half of a key matrix includes: collecting first network time; according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key; according to
Figure BDA0003077916910000021
Obtaining the first half alice' of the signature private key, wherein,
Figure BDA0003077916910000022
is the first half of the signature private key matrix; the sending the encrypted first half of the key to the client comprises: and sending the first network time and the first half part of the signature private key to the client after encryption.
Further, when the type of the key application is the first half of the secret key, the key application message further comprises a second network time, and the method is based on theThe first half of the key matrix, the first mapping key and the key application type, and the generating the first half of the key comprises: according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, and Hkey1 is the first mapping key; according to
Figure BDA0003077916910000023
Obtaining the first half alice' of the decrypted private key, wherein,
Figure BDA0003077916910000024
is the first half of the encryption private key matrix.
Further, when the key application type is a first half of a verification public key, the key application message further includes a first network time, and generating the first half of the key according to the key application type, the first mapping key, and the first half of the key matrix includes: according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key; according to
Figure BDA0003077916910000025
The first half of the authentication public key, ALICE ", is obtained, wherein,
Figure BDA0003077916910000026
is the first half of the public signature key matrix.
Further, when the key application type is a first half of an encrypted public key, the generating a first half of a key according to the key application type, the first mapping key, and the first half of a key matrix includes: collecting a second network time; according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, and Hkey1 is a first mapping key; according to
Figure BDA0003077916910000027
The first half of the cryptographic public key, ALICE ", is obtained, wherein,
Figure BDA0003077916910000028
the first half part of the encryption public key matrix; the sending the encrypted first half of the key to the client comprises: and sending the second network time and the first half part of the encrypted public key to the client after encryption.
Correspondingly, an embodiment of the present invention further provides a CPK key generation method, where the method is applied to a client, and includes: sending a key application message to a service center (SVC), wherein the key application message comprises a user identifier and a key application type; receiving the encrypted key front half returned by the SVC, and decrypting to obtain the key front half; and adding the first half part of the key and the second half part of the locally stored key to obtain the key to be used.
Further, when the key application type is the first half of the private key, the second half of the locally stored key is obtained by: and sending a second half private key application message to a Key Management Center (KMC), wherein the second half private key application message comprises a user identifier and a private key application type.
Further, when the key application type is the first half of the public key, the second half of the locally stored key is obtained by: according to HashHkey2(Alice)=c0,c1,c2,…,c15Mapping to obtain a mapping sequence c0,c1,c2,…,c15Wherein, Alice is the user identifier, and Hkey2 is the second mapping key; obtaining the locally stored public key according to the mapping sequence and the second half part of the public key matrixAnd a half portion.
Further, when the type of the key application is first half of an encrypted public key, obtaining a second half of the locally stored public key according to the mapping sequence and a second half of a public key matrix includes: according to
Figure BDA0003077916910000031
The second half of the cryptographic public key, ALICE ", is obtained, wherein,
Figure BDA0003077916910000032
the second half of the encryption public key matrix.
Further, when the type of the key application is a first half of a verification public key, obtaining a second half of the locally stored public key according to the mapping sequence and a second half of a public key matrix includes: according to
Figure BDA0003077916910000033
Obtain the second half of the authentication public key, ALICE ", wherein,
Figure BDA0003077916910000034
the second half of the signature public key matrix.
Correspondingly, an embodiment of the present invention further provides a key generation device for combining a public key CPK, where the key generation device is applied to a service center SVC, and includes: the system comprises a receiving module, a sending module and a sending module, wherein the receiving module is used for receiving a key application message sent by a client, and the key application message comprises a user identifier and a key application type; the key generation module is used for generating a first half key according to the key application type, the first mapping key and the first half part of the key matrix; and the sending module is used for sending the encrypted first half part of the key to the client so that the client can obtain the key to be used according to the first half part of the key and the locally stored second half part of the key.
Correspondingly, an embodiment of the present invention further provides a key generation apparatus for combining a public key CPK, where the apparatus is applied to a client, and includes: the system comprises a sending module, a receiving module and a sending module, wherein the sending module is used for sending a key application message to a service center (SVC), and the key application message comprises a user identifier and a key application type; the receiving module is used for receiving the encrypted key front half returned by the SVC and decrypting the encrypted key front half to obtain the key front half; and the key synthesis module is used for adding the first half part of the key and the second half part of the locally stored key to obtain the key to be used.
Accordingly, an embodiment of the present invention further provides a machine-readable storage medium having stored thereon instructions for causing a machine to execute a key generation method applied to the CPK of the SVC and/or a key generation method applied to the CPK of the client.
By the technical scheme, the secret key is divided into two parts to be stored respectively, so that the safety of the user secret key is improved.
Additional features and advantages of embodiments of the invention will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the embodiments of the invention without limiting the embodiments of the invention. In the drawings:
fig. 1 is a schematic flowchart of a key generation method of a CPK according to an embodiment of the present invention;
FIG. 2 is a diagram of a generation map of various keys provided by an embodiment of the present invention;
fig. 3 is a schematic flowchart of another CPK key generation method according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a key generation method of a CPK according to another embodiment of the present invention;
fig. 5 is a schematic flowchart of another CPK key generation method according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a key generation apparatus of a CPK according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of another key generation apparatus of a CPK according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating embodiments of the invention, are given by way of illustration and explanation only, not limitation.
Although the CPK system in the prior art is concise in formulation, large in combination quantity and extremely fast in operation speed, with the advent of quantum computers, "death" of all public key systems is announced, so that a new anti-quantum-exhaustion system has to be researched. In order to prevent quantum exhaustion, in the embodiment of the present invention, the Key is divided into two parts to be stored, wherein the first half of the Key is generated by a SVC (Service Center), and the second half of the Key is responsible for a KMC (Key Management Center) that originally generates the identification Key. The embodiments of the present invention will be described in detail below.
Example one
Fig. 1 is a schematic flowchart of a key generation method of a CPK according to an embodiment of the present invention.
As shown in fig. 1, the method is applied to SVC, and comprises the following steps:
step 101, receiving a key application message sent by a client, wherein the key application message comprises a user identifier and a key application type;
102, generating a first half key according to the key application type, the first mapping key and the first half key of the key matrix;
and 103, sending the encrypted first half part of the key to the client, so that the client can obtain the key to be used according to the first half part of the key and the second half part of the key stored locally.
Wherein, the key matrix of the CPK is set in the embodiment of the inventionThe signature matrix and the encryption matrix are both 32x32 in size. The signature matrix and the encryption matrix are respectively divided into a private key matrix and a public key matrix, the first 16 columns of each matrix are called the first half, and the last 16 columns of each matrix are called the second half. First half of the signature private key matrix is signed by ri,jThe rear half is denoted by si,jRepresenting the first half of the public key matrix signed by Ri,jThe rear half is shown as Si,jAnd (4) showing. Encrypting the first half of the private key matrix with ti,jThe rear half is indicated by ui,jRepresenting, encrypting the first half of the public key matrix by Ti,jDenotes, the rear half Ui,jAnd (4) showing. The first half of the signature private key matrix, the first half of the signature public key matrix, the first half of the encryption private key matrix and the first half of the encryption public key matrix are all stored in the SVC, and the second half of the signature private key matrix and the second half of the encryption private key matrix are all stored in the KMC. The second half of the signature public key matrix and the second half of the encryption public key matrix are disclosed to the outside.
In addition, since the keys include a signature private key, a decryption private key, a verification public key, and an encryption public key, each key includes a first half and a second half. Therefore, as can be seen from the generation maps of the keys shown in fig. 2, when the client intends to use the key, the client needs to apply the first half of the key (including the first half of the public key and the first half of the private key) to the SVC and apply the second half of the private key to the KMC, and since the second half of the public key matrix is public, the client can locally generate the second half of the public key by itself.
In the embodiment of the invention, after receiving the key application message sent by the client, the SVC extracts the key application type from the key application message, and performs different processing according to the key application type. The key application type comprises a first half of a signature private key, a first half of a decryption private key, a first half of a verification public key and a first half of an encryption public key. The following description is made for the first half of the signature private key, the first half of the decryption private key, the first half of the verification public key, and the first half of the encryption public key in the key application type, respectively.
a. When the type of the key application isWhen the first half of the private key is signed, the first network time is firstly collected and the Hash is usedHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein Alice is the user identifier, time1 is the first network time with precision on the order of microseconds, and Hkey1 is the first mapping key.
The first mapping key Hkey1 is used for mapping the first half of the matrix, and comprises the first half of the signature private key matrix, the first half of the signature public key matrix, the first half of the encryption private key matrix and the first half of the encryption public key matrix.
Then, according to
Figure BDA0003077916910000071
Obtaining the first half alice' of the signature private key, wherein,
Figure BDA0003077916910000072
is the first half of the signed private key matrix, and aiIndicating the row coordinates of the first half of the signature private key matrix, with a byte length of 5 bits.
After the first half of the signature private key is obtained, the first network time and the first half of the signature private key can be encrypted by using a channel key preset between an SVC and a client, the encrypted information is sent to the client, so that the client can decrypt the first network time and the first half of the signature private key, and the first half of the signature private key and the second half of the signature private key stored locally are added to obtain the signature private key. The first network time is sent so that the opposite side can apply for the first half of the authentication public key by using the first network time when the client side sends the authentication information to other users.
b. When the type of the key application is the first half of the secret key, the key application message also comprises second network time, and then the second network time is used according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequenceb0,b1,b2,…,b15Wherein Alice is the user identifier, time2 is the second network time with precision on the order of microseconds, and Hkey1 is the first mapping key.
Then according to
Figure BDA0003077916910000073
Obtaining the first half alice' of the decrypted private key, wherein,
Figure BDA0003077916910000074
is the first half of the encryption private key matrix, and biIndicating the row coordinates of the first half of the encryption private key matrix, with a byte length of 5 bits.
After the first half of the secret key is obtained, the first half of the secret key can be encrypted and then sent to the client by using a channel key preset between the SVC and the client so that the client can decrypt the first half of the secret key to obtain the first half of the secret key, and the first half of the secret key and the second half of the secret key stored locally are added to obtain the signature secret key.
c. When the type of the key application is the first half of the verification public key, the key application message also comprises first network time according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein Alice is the user identifier, time1 is the first network time with precision on the order of microseconds, and Hkey1 is the first mapping key.
Then, according to
Figure BDA0003077916910000081
The first half of the authentication public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000082
is the first half of the public signature key matrix, and aiAnd indicating the row coordinate of the first half part of the signature public key matrix, wherein the length of the byte is 5 bits.
After the first half of the verification public key is obtained, the first half of the verification public key can be encrypted and then sent to the client by using a channel key preset between the SVC and the client, so that the client can decrypt the first half of the verification public key and add the first half of the verification public key and the second half of the verification public key stored locally to obtain the verification public key.
d. When the type of the key application is the first half of the encrypted public key, the second network time is firstly collected, and then the Hash is carried out according to the type of the key applicationHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, the precision of which is microsecond level, and Hkey1 is the first mapping key.
Then according to
Figure BDA0003077916910000083
The first half of the cryptographic public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000084
for the first half of the encrypted public key matrix, and biThe row coordinate of the first half of the encryption public key matrix is indicated, and the length of the byte is 5 bits.
After the first half of the encrypted public key is obtained, the second network time and the first half of the encrypted public key can be encrypted by using a channel key preset between the SVC and a client, and the encrypted information is sent to the client, so that the client can decrypt to obtain the second network time and the first half of the encrypted public key, and add the first half of the encrypted public key and the second half of the encrypted public key stored locally to obtain the encrypted public key.
As can be seen from the generation of the first half of the four types of keys, when the user identifier is the same as the network time, the mapping sequences obtained by mapping are the same, so that the first half of the obtained private key and the first half of the public key have a corresponding relationship. For example, when usingThe user identification is Alice, the network time is 1, and when the first half of the signature private key and the first half of the verification public key are generated, the obtained mapping sequences are a0,a1,a2,…,a15I.e. the row coordinates corresponding to the first half of the public signature key matrix and the row coordinates indicating the first half of the private signature key matrix. Similarly, when the user identifier is Alice and the network time is time2, the mapping sequences obtained when the first half of the encrypted public key and the first half of the decrypted private key are generated are both b0,b1,b2,…,b15I.e. the row coordinates indicating the first half of the encryption public key matrix and the row coordinates of the first half of the encryption private key matrix correspond.
According to the embodiment of the invention, the signature matrix and the encryption matrix are separated, and the signature operation and the encryption operation are independent and do not influence each other; the first half and the second half of the matrix are separated, the first half of the matrix is kept secret in the SVC, and the second half is published in the KMC and the client. Because the matrixes are stored respectively, the possibility that SVC and KMC do case independently is avoided, because KMC only has authority to the back half part of the key, and SVC only has authority to the front half part of the key. The separate distribution of the keys further improves the security of the keys.
Example two
Fig. 3 is a schematic flowchart of a key generation method of a CPK according to an embodiment of the present invention.
As shown in fig. 3, the method is applied to a client, and includes the following steps:
step 301, sending a key application message to the SVC, wherein the key application message includes a user identifier and a key application type;
step 302, receiving the encrypted first half of the key returned by the SVC, and decrypting to obtain the first half of the key;
and step 303, adding the first half of the key and the second half of the locally stored key to obtain the key to be used.
The client side needs to apply the first half of the key to the SVC in advance to use the key. The key application message sent to the SVC indicates by the key application type which first half of the key of the type the client needs to apply for. The key application type comprises a first half of a signature private key, a first half of a decryption private key, a first half of a verification public key and a first half of an encryption public key.
And a channel key is preset between the client and the SVC, and after the first half of the key which is returned by the SVC and encrypted by the channel key is received, the first half of the key to be applied is obtained by decryption.
When the key application type is the first half of the private key (including the signed private key and the decrypted private key), as can be seen from fig. 2, the second half of the private key can apply to the KMC, and therefore, the client sends a message for applying the second half of the private key to the KMC, where the message for applying the second half of the private key includes the user identifier and the private key application type. When the rear half part of the secret key needs to be applied for signature, the application type of the private key is the rear half part of the secret private key, and when the rear half part of the secret private key needs to be applied for secret, the application type of the private key is the rear half part of the secret private key. The specific process of the client applying for the second half of the private key from the KMC may refer to a process of generating the identifier-based private key application by the KMC in the related art, which is not described herein again. After the second half part of the private key is obtained by the KMC, the first half part of the private key and the second half part of the private key are directly added to obtain the private key to be used, for example, the first half part of the private key is alice ', the second half part of the private key is alice ", and alice ═ alice" + alice' is used to obtain the private key alice.
When the type of the key application is the first half of the public key (including the authentication public key and the encryption public key), as can be seen from fig. 2, the second half of the public key is generated by the client:
first, according to HashHkey2(Alice)=c0,c1,c2,…,c15Mapping to obtain a mapping sequence c0,c1,c2,…,c15Wherein, Alice is the user identifier, and Hkey2 is the second mapping key. Wherein the second mapping key is exclusively used for mapping the second half of the matrix and is in a public state. Then, the client can obtain the second half of the locally stored public key according to the mapping sequence and the second half of the public key matrix. Wherein, the selection of the public key matrix is related to the type of the applied keyIt is related.
Specifically, when the client applies for the first half of the encrypted public key from the SVC, that is, the type of the key application is the first half of the encrypted public key, the client can apply for the first half of the encrypted public key according to
Figure BDA0003077916910000101
The second half of the cryptographic public key, ALICE ", is obtained, wherein,
Figure BDA0003077916910000102
for the second half of the encrypted public key matrix, and ciAnd indicating the row coordinate of the back half part of the encryption public key matrix, wherein the byte length is 5 bits.
When the client applies to the SVC for the first half of the authentication public key, i.e. the type of the key application is the first half of the authentication public key, the client can apply the first half of the authentication public key according to
Figure BDA0003077916910000111
Obtain the second half of the authentication public key, ALICE ", wherein,
Figure BDA0003077916910000112
for the second half of the signature public key matrix, the same ci may indicate the row coordinates of the second half of the signature public key matrix, and the byte length is 5 bits.
Then, the first half of the obtained public key may be added to the second half of the locally generated public key to obtain the public key to be used, for example, the first half of the public key is ALICE ', the second half of the public key is ALICE ", and ALICE' + ALICE ″, which results in the public key ALICE.
Through the embodiment of the invention, the client only holds the rear half part of the private key and the rear half part of the public key matrix. Even if the data are lost, the safety is not influenced, if the whole content of the mobile phone is copied or even lost, the mobile phone is not afraid of, namely, the static analysis of a translator. Because it cannot obtain the first half of the private key, i.e., the entire private key. This feature provides another application, such as a sensor, and if there is an identifier, other signing, verification, etc. can be entrusted to other components, so the requirements for the device can be low, and the application range is very wide.
EXAMPLE III
For facilitating understanding of the embodiments of the present invention, the interaction process between the client, the SVC, and the KMC is described below through a digital signature process between two clients. The SVC manages the first half part of the private key matrix (including the first half part of the encryption private key matrix and the first half part of the signature private key matrix), the first half part of the public key matrix (including the first half part of the signature public key matrix and the first half part of the encryption public key matrix) and the first mapping key used in the mapping sequence, the KMC manages the second half part of the private key matrix (including the second half part of the encryption private key matrix and the second half part of the signature private key matrix), the second half part of the signature public key matrix, the second half part of the encryption public key matrix and the second mapping key used in the mapping sequence are published, and the client can generate any second half part of the public key by itself at the moment of acquiring the user identification.
As shown in fig. 4, the two clients are Alice and Bob respectively, Alice signs and Bob verifies, which includes the following steps:
step 401, Alice sends a first half signature private key application message to SVC, where the message includes a user identifier Alice and a key application type, and the key application type is the first half signature private key;
step 402, SVC receives the first half of signature private key application message and collects the current first network time;
step 403, the SVC maps to obtain a first mapping sequence according to the user identifier, the first network time, and the first mapping key;
wherein, according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein time1 is the first network time with precision on the order of microseconds, and Hkey1 is the first mapping key.
Step 404, the SVC obtains the first half of the signature private key according to the first mapping sequence and the first half of the signature private key matrix;
whereinAccording to
Figure BDA0003077916910000121
Obtaining the first half alice' of the signature private key, wherein,
Figure BDA0003077916910000122
is the first half of the signing private key matrix, wherein a first mapping sequence indicates row coordinates of the first half of the signing private key matrix.
Step 405, the SVC encrypts the first network time and the first half of the signature private key by using a channel key and sends the encrypted first network time and the encrypted first half of the signature private key to the client Alice;
step 406, after receiving the encrypted first network time and the first half of the signature private key, the client Alice decrypts the first network time and the first half of the signature private key by using a channel key;
step 407, Alice sends a message for applying for the second half of the signed private key to the KMC, where the message includes the user identifier and a private key application type, and the private key application type is the second half of the signed private key;
step 408, the KMC receives the second half of the signing private key application message;
step 409, the KMC obtains a second half mapping sequence of the key by mapping according to the user identifier and the second mapping key;
wherein, according to HashHkey2(Alice)=w0,w1,..,w15Mapping to obtain the second half mapping sequence w of the key0,w1,..,w15And Hkey2 is the second mapping key.
Step 410, the KMC obtains the second half part of the signature private key according to the mapping sequence of the second half part of the key and the second half part of the signature private key matrix;
wherein, according to
Figure BDA0003077916910000131
Obtaining the second half alice "of the private signature key, wherein,
Figure BDA0003077916910000132
is the second half of the signing private key matrix, wherein a key second half mapping sequence indicates row coordinates of the second half of the signing private key matrix.
Step 411, the KMC encrypts the back half part of the signature private key by a channel key and sends the encrypted back half part to the client Alice;
in step 412, the client Alice receives the encrypted second half of the private signature key and decrypts the encrypted second half of the private signature key by using the channel key to obtain the second half of the private signature key.
Wherein, the steps 407-412 can be performed before any step between the steps 401-406.
Step 413, the client Alice adds the first half of the signature private key and the second half of the signature private key to obtain the signature private key;
wherein, the signature private key alice is obtained from alice ═ alice '+ alice'.
Step 414, the client Alice performs digital signature on the data to be signed by using the private signature key to obtain signed data;
the digital signature of the data h to be signed can be realized by referring to the process of digital signature in the prior art:
selecting a random number k, and calculating k × G ═ (x, y); c ═ x + y)2mod 2m。s=k-1(h + c alice) mod n, with SIGalice(h) And marking the sign (s, c), thereby obtaining signature data sign.
Step 415, the client Alice sends verification information to the client Bob, wherein the verification information comprises a user identifier Alice, signature data and first network time;
step 416, after receiving the verification information, the client Bob sends a first half of verification public key application message to the SVC, where the message includes a user identifier Alice, a first network time, and a key application type, and the key application type is the first half of the verification public key;
step 417, the SVC obtains a first mapping sequence according to the user identifier Alice, the first network time, and the first mapping key;
wherein, according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15
Step 418, the SVC obtains the first half of the verification public key according to the first mapping sequence and the first half of the signature public key matrix;
wherein, according to
Figure BDA0003077916910000141
The first half of the authentication public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000142
is the first half of the public signature key matrix.
Step 419, the SVC encrypts the first half part of the verification public key by using a channel key and then sends the encrypted verification public key to the client Bob;
step 420, Bob adds the front half part of the decrypted verification public key and the rear half part of the locally stored verification public key to obtain a verification public key;
wherein the second half of the locally stored authentication public key is obtained by:
according to HashHkey2(Alice)=c0,c1,c2,…,c15Mapping to obtain a mapping sequence c0,c1,c2,…,c15Wherein, Alice is the user identifier, and Hkey2 is the second mapping key.
And then, obtaining the second half of the locally stored public key according to the mapping sequence and the second half of the public key matrix. That is, according to
Figure BDA0003077916910000143
Obtain the second half of the authentication public key, ALICE ", wherein,
Figure BDA0003077916910000144
for the second half of the signature public key matrix, the mapping sequence ci indicates row coordinates of the second half of the signature public key matrix.
Then, compare "alias" + alias "to alias, thereby obtaining the authentication public key alias.
In step 421, the client Bob verifies the signature data in the verification information by using the verification public key.
For the verification of the digital signature, reference may be made to the verification process in the prior art:
s-1*h*G+s-1*c*ALICE=(x,y);c’=(x+y)2mod 2m(ii) a With VERALICE(h, s) ═ c' label.
Wherein when the verification c is the same as c', the signature data is determined to be true.
According to the embodiment of the invention, the matrix is divided into the signature matrix and the encryption matrix, and the signature operation and the encryption operation are independent and do not influence each other. In addition, the first half and the second half of the matrix are separated, the first half of the matrix is kept secret in the SVC, and the second half is published in the KMC and the client. Because of separate storage, the possibility of SVC and KMC committing a case independently is avoided, because KMC only has authority to the back half of the key, and SVC only has authority to the front half of the key.
The customer holds the keys only in the second half of the private key, the second half of the public key matrix. If the mobile phone is lost, the safety is not influenced, and if the whole content of the mobile phone is copied, even if the mobile phone is lost, the mobile phone is not afraid, namely the static analysis of a translator is not afraid. This feature provides another application, such as a sensor, and if there is an identifier, other signing, verification, etc. can be entrusted to other components, so the requirements for the device can be low, and the application range is very wide.
In addition, the time mapping is based on the time mapping, namely the time key plays the role of one-time pad, and the method can be applied to a digital currency system, and ensures that the currency issued at present is still effective to the quantum era.
In addition, the method and the device are high in setting flexibility, and can select proper key length and matrix size according to the requirements of entities participating in the industrial internet on storage capacity and operation speed, so that different service requirements can be met.
Example four
In order to facilitate understanding of the embodiment of the present invention, the interaction process between the client, the SVC, and the KMC is described below through an encryption process between two clients. Like the third embodiment, the SVC manages the first half of the private key matrix, the first half of the public key matrix, and the first mapping key used in the mapping sequence, and the KMC manages the second half of the private key matrix, while the second half of the signed public key matrix, the second half of the encrypted public key matrix, and the second mapping key used in the mapping sequence are published, and the client can generate any second half of the public key by itself when acquiring the user identifier.
As shown in fig. 5, two clients are Al and Bl, respectively, where Bl sends encrypted data to Al, and Al receives and decrypts the encrypted data, including the following steps:
step 501, the Bl sends an encrypted public key first half application message to the SVC, where the message includes a user identifier Al and a key application type, and the key application type is the encrypted public key first half;
step 502, the SVC receives the first half of the encrypted public key application message and collects the current second network time;
step 503, the SVC maps to obtain a second mapping sequence according to the user identifier, the second network time, and the first mapping key;
wherein, according to HashHkey1(time2-Al)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15And Al is the user identifier, time2 is the second network time, the precision of the second network time is microsecond level, and Hkey1 is the first mapping key.
Step 504, the SVC obtains the first half of the encrypted public key according to the second mapping sequence and the first half of the encrypted public key matrix;
wherein, according to
Figure BDA0003077916910000161
The first half AL' of the cryptographic public key is obtained, wherein,
Figure BDA0003077916910000162
for the first half of the encrypted public key matrix, and biThe row coordinate of the first half of the encryption public key matrix is indicated, and the length of the byte is 5 bits.
Step 505, the SVC encrypts the second network time and the first half of the encrypted public key by using the channel key and sends the encrypted second network time and the first half of the encrypted public key to the client Bl;
step 506, after receiving the encrypted second network time and the first half part of the encrypted public key, the client Bl decrypts the encrypted second network time and the first half part of the encrypted public key by using a channel key;
step 507, the client Bl obtains a mapping sequence by mapping according to the user identifier Al and the second mapping key;
wherein, according to HashHkey2(Al)=c0,c1,c2,…,c15Mapping to obtain a mapping sequence c0,c1,c2,…,c15And the Al is the user identifier, and the Hkey2 is the second mapping key.
Step 508, obtaining the rear half part of the locally stored encrypted public key according to the mapping sequence and the rear half part of the encrypted public key matrix;
wherein, according to
Figure BDA0003077916910000163
The second half AL "of the cryptographic public key is obtained, wherein,
Figure BDA0003077916910000164
the second half of the encryption public key matrix.
Wherein, the steps 507-508 can be performed before any step between the steps 501-506.
Step 509, the client Bl adds the first half of the encrypted public key and the second half of the encrypted public key to obtain an encrypted public key;
where the encryption public key AL is derived from AL' + AL ═ AL.
In step 510, the client Bl obtains encrypted information according to the encryption key, the encryption public key and the data.
The client Bl generates a random number r, calculates an encryption key r G-key, where G is a base point of the elliptic curve, and encrypts the data by using the encryption key to obtain Ekey(data) code, and then encrypting the encryption key ENC using the encryption public keyALβ (key). Then, the encrypted message msg is transmitted as { code, β }. Wherein E is an encryption function of a symmetric key, and ENC is an encryption function of an asymmetric key.
Step 511, the client Bl sends the encrypted information and the second network time to the client Al;
step 512, after the client Al receives the encrypted information and the second network time, sending a first half of secret key application message to the SVC, wherein the first half of secret key application message includes the user identifier Al, the second network time, and the secret key application type;
step 513, the SVC receives the first half application message of the secret key;
step 514, the SVC maps to obtain a second mapping sequence according to the user identifier, the second network time, and the first mapping key;
wherein, according to HashHkey1(time2-Al)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein Al is the user identifier, time2 is the second network time, and Hkey1 is the first mapping key.
Step 515, the SVC obtains the first half of the decrypted private key according to the second mapping sequence and the first half of the encrypted private key matrix;
wherein, according to
Figure BDA0003077916910000171
The first half al' of the secret key is obtained, wherein,
Figure BDA0003077916910000172
for the first half of the encryption private key matrixA second mapping sequence, wherein the second mapping sequence indicates row coordinates of a first half of the encryption private key matrix.
Step 516, the SVC encrypts the first half of the decryption private key by using a channel key and then sends the encrypted first half of the decryption private key to the client Al;
step 517, after receiving the encrypted first half part of the secret key, the client Al decrypts the first half part of the secret key by using the channel key;
and 518, sending a second half of decrypted private key application message to the KMC, wherein the second half of decrypted private key application message comprises a user identifier Al and a private key application type, and the private key application type is the second half of decrypted private key. After receiving the encryption information, the client Al may send a private key application message to the SVC and the KMC at the same time.
Step 519, the KMC receives the application message of the second half of the decrypted private key, and a mapping sequence of the second half of the private key is obtained through mapping according to the user identification and a second mapping key;
wherein, according to HashHkey2(Al)=w0,w1,..,w15Mapping to obtain the second half mapping sequence w of the key0,w1,..,w15And Hkey2 is the second mapping key.
Step 520, the KMC obtains the second half part of the decrypted private key according to the mapping sequence of the second half part of the secret key and the second half part of the encrypted private key matrix;
wherein, according to
Figure BDA0003077916910000181
The second half al "of the secret key is obtained, wherein,
Figure BDA0003077916910000182
is the second half of the encryption private key matrix, wherein a key second half mapping sequence indicates row coordinates of the second half of the encryption private key matrix.
521, the KMC encrypts the rear half part of the decrypted private key by a channel key and sends the encrypted rear half part to a client Al;
step 522, the client Al receives the encrypted second half of the decryption private key, and decrypts the encrypted second half of the decryption private key through the channel key to obtain the second half of the decryption private key;
step 523, the client Al adds the first half of the decrypted private key and the second half of the decrypted private key to obtain the decrypted private key.
Wherein, the secret key al is obtained by using al '+ al'.
In step 524, the client Al decrypts the encrypted data with the decryption private key to obtain the data in the encrypted information.
For the decryption process of the encrypted information, reference may be made to the decryption process in the prior art:
DECal(β)=key,Dkey(code) ═ data. Wherein D is a decryption function of the symmetric key, and DEC is a decryption function of the asymmetric key.
EXAMPLE five
Fig. 6 is a schematic structural diagram of a key generation apparatus of a CPK according to an embodiment of the present invention. As shown in fig. 6, the apparatus is applied to a service center SVC, and the apparatus 60 includes: a receiving module 61, configured to receive a key application message sent by a client, where the key application message includes a user identifier and a key application type; a key generation module 62, configured to generate a first half of a key according to the key application type, the first mapping key, and the first half of the key matrix; a sending module 63, configured to send the encrypted first half of the key to the client, so that the client obtains a key to be used according to the first half of the key and a locally stored second half of the key.
Further, when the type of the key application is the first half of the private key, the key generation module is specifically configured to:
collecting first network time;
according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key;
according to
Figure BDA0003077916910000191
Obtaining the first half alice' of the signature private key, wherein,
Figure BDA0003077916910000192
is the first half of the signature private key matrix;
the sending module is specifically configured to:
and sending the first network time and the first half part of the signature private key to the client after encryption.
Further, when the key application type is the first half of the secret key, the key application message further includes a second network time, and the key generation module is specifically configured to:
according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, and Hkey1 is the first mapping key;
according to
Figure BDA0003077916910000201
Obtaining the first half alice' of the decrypted private key, wherein,
Figure BDA0003077916910000202
is the first half of the encryption private key matrix.
Further, when the key application type is the first half of the verification public key, the key application message further includes a first network time, and the key generation module is specifically configured to:
according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key;
according to
Figure BDA0003077916910000203
The first half of the authentication public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000204
is the first half of the public signature key matrix.
Further, when the type of the key application is the first half of the encrypted public key, the key generation module is specifically configured to:
collecting a second network time;
according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, and Hkey1 is a first mapping key;
according to
Figure BDA0003077916910000205
The first half of the cryptographic public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000206
the first half part of the encryption public key matrix;
the sending module is specifically configured to:
and sending the second network time and the first half part of the encrypted public key to the client after encryption.
In the present embodiment, in the key generation apparatus 60 of the CPK: for specific processing of the receiving module 61, the key generating module 62 and the sending module 63 and technical effects thereof, reference may be made to relevant descriptions in embodiments corresponding to fig. 1, 4 and 5, which are not described herein again.
EXAMPLE six
Fig. 7 is a schematic structural diagram of a key generation apparatus of a CPK according to an embodiment of the present invention. As shown in fig. 7, the apparatus is applied to a client, and the apparatus 70 includes: a sending module 71, configured to send a key application message to a service center SVC, where the key application message includes a user identifier and a key application type; a receiving module 72, configured to receive the encrypted first half of the key returned by the SVC, and decrypt the encrypted first half of the key; and a key synthesis module 73, configured to add the first half of the key and the second half of the locally stored key to obtain a key to be used.
Further, when the key application type is the first half of the private key, the sending module is further configured to obtain the second half of the locally stored key by:
and sending a second half private key application message to a Key Management Center (KMC), wherein the second half private key application message comprises a user identifier and a private key application type.
Further, when the key application type is the first half of the public key, the apparatus 70 further includes:
a public key second half generation module 74 configured to obtain the locally stored key second half by:
according to HashHkey2(Alice)=c0,c1,c2,…,c15Mapping to obtain a mapping sequence c0,c1,c2,…,c15Wherein, Alice is the user identifier, and Hkey2 is the second mapping key;
and obtaining the rear half part of the locally stored public key according to the mapping sequence and the rear half part of the public key matrix.
Further, when the type of the key application is first half of an encrypted public key, the public key second half generation module is further configured to: according to
Figure BDA0003077916910000211
The second half of the cryptographic public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000212
the second half of the encryption public key matrix.
Further, when the type of the key application is to verify a first half of a public key, the public key second half generation module is further configured to:
according to
Figure BDA0003077916910000221
The second half of the authentication public key, ALICE', is obtained, wherein,
Figure BDA0003077916910000222
the second half of the signature public key matrix.
In the present embodiment, in the key generation apparatus 70 of the CPK: for specific processing of the sending module 71, the receiving module 72, the key synthesis module 73 and the second half public key generation module 74 and technical effects thereof, reference may be made to relevant descriptions in the embodiments corresponding to fig. 3, 4 and 5, and no further description is given here.
Accordingly, an embodiment of the present invention also provides a machine-readable storage medium having stored thereon instructions for causing a machine to execute a key generation method applied to a CPK of an SVC and/or a key generation method applied to a CPK of a client.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus, and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A key generation method of a combined public key CPK is applied to a service center SVC and comprises the following steps:
receiving a key application message sent by a client, wherein the key application message comprises a user identifier and a key application type;
generating a first half key according to the key application type, the first mapping key and the first half key of the key matrix;
and sending the encrypted first half part of the key to the client so that the client can obtain the key to be used according to the first half part of the key and the second half part of the key stored locally.
2. The method of claim 1, wherein when the key application type is a first half of a private signature key, the generating a first half of a key according to the key application type, a first mapping key and a first half of a key matrix comprises:
collecting first network time;
according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key;
according to
Figure FDA0003077916900000011
Obtaining the first half alice' of the signature private key, wherein,
Figure FDA0003077916900000012
is the first half of the signature private key matrix;
the sending the encrypted first half of the key to the client comprises:
and sending the first network time and the first half part of the signature private key to the client after encryption.
3. The method of claim 1, wherein when the key application type is a first half of a secret key, the key application message further includes a second network time, and the generating the first half of the key according to the key application type, the first mapping key and the first half of the key matrix comprises:
according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein Alice is the user identifier, and time2 is the secondNetwork time, Hkey1 being the first mapping key;
according to
Figure FDA0003077916900000021
Obtaining the first half alice' of the decrypted private key, wherein,
Figure FDA0003077916900000026
is the first half of the encryption private key matrix.
4. The method of claim 1, wherein when the key application type is first half of a verification public key, the key application message further includes a first network time, and the generating the first half of the key according to the key application type, the first mapping key and the first half of the key matrix comprises:
according to HashHkey1(time1-Alice)=a0,a1,a2,…,a15Mapping to obtain a first mapping sequence a0,a1,a2,…,a15Wherein, Alice is the user identifier, time1 is the first network time, and Hkey1 is the first mapping key;
according to
Figure FDA0003077916900000022
The first half of the authentication public key, ALICE', is obtained, wherein,
Figure FDA0003077916900000025
is the first half of the public signature key matrix.
5. The method of claim 1, wherein when the key application type is first half of an encrypted public key, the generating first half of a key according to the key application type, the first mapping key and the first half of a key matrix comprises:
collecting a second network time;
according to HashHkey1(time2-Alice)=b0,b1,b2,…,b15Mapping to obtain a second mapping sequence b0,b1,b2,…,b15Wherein, Alice is the user identifier, time2 is the second network time, and Hkey1 is a first mapping key;
according to
Figure FDA0003077916900000023
The first half of the cryptographic public key, ALICE', is obtained, wherein,
Figure FDA0003077916900000024
the first half part of the encryption public key matrix;
the sending the encrypted first half of the key to the client comprises:
and sending the second network time and the first half part of the encrypted public key to the client after encryption.
6. A key generation method of a Combined Public Key (CPK) is applied to a client and comprises the following steps:
sending a key application message to a service center (SVC), wherein the key application message comprises a user identifier and a key application type;
receiving the encrypted key front half returned by the SVC, and decrypting to obtain the key front half;
and adding the first half part of the key and the second half part of the locally stored key to obtain the key to be used.
7. The method of claim 6, wherein when the key application type is public key first half, the locally stored key second half is obtained by:
according to HashHkey2(Alice)=c0,c1,c2,…,c15Mapping to obtain a mapping sequencec0,c1,c2,…,c15Wherein, Alice is the user identifier, and Hkey2 is the second mapping key;
and obtaining the rear half part of the locally stored public key according to the mapping sequence and the rear half part of the public key matrix.
8. A key generation apparatus combining a public key CPK, the apparatus being applied to a service center SVC and comprising:
the system comprises a receiving module, a sending module and a sending module, wherein the receiving module is used for receiving a key application message sent by a client, and the key application message comprises a user identifier and a key application type;
the key generation module is used for generating a first half key according to the key application type, the first mapping key and the first half part of the key matrix;
and the sending module is used for sending the encrypted first half part of the key to the client so that the client can obtain the key to be used according to the first half part of the key and the locally stored second half part of the key.
9. A key generation apparatus for combining a public key CPK, the apparatus being applied to a client, and comprising:
the system comprises a sending module, a receiving module and a sending module, wherein the sending module is used for sending a key application message to a service center (SVC), and the key application message comprises a user identifier and a key application type;
the receiving module is used for receiving the encrypted key front half returned by the SVC and decrypting the encrypted key front half to obtain the key front half;
and the key synthesis module is used for adding the first half part of the key and the second half part of the locally stored key to obtain the key to be used.
10. A machine-readable storage medium having stored thereon instructions for causing a machine to execute the method of key generation of a combined public key CPK according to any of claims 1-5 and/or the method of key generation of a combined public key CPK according to any of claims 6-7.
CN202110557692.XA 2021-05-21 2021-05-21 Key generation method, device and storage medium for combined public key CPK Active CN113206739B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110557692.XA CN113206739B (en) 2021-05-21 2021-05-21 Key generation method, device and storage medium for combined public key CPK

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110557692.XA CN113206739B (en) 2021-05-21 2021-05-21 Key generation method, device and storage medium for combined public key CPK

Publications (2)

Publication Number Publication Date
CN113206739A true CN113206739A (en) 2021-08-03
CN113206739B CN113206739B (en) 2023-05-12

Family

ID=77022817

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110557692.XA Active CN113206739B (en) 2021-05-21 2021-05-21 Key generation method, device and storage medium for combined public key CPK

Country Status (1)

Country Link
CN (1) CN113206739B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115834061A (en) * 2023-02-15 2023-03-21 深圳市永达电子信息股份有限公司 CPK-based identification key generation method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108777619A (en) * 2018-05-08 2018-11-09 晋商博创(北京)科技有限公司 CPK systems based on mark and key management method, device, server and terminal
US20200013044A1 (en) * 2016-11-29 2020-01-09 Jin Shang Bo Chuang (Beijing) Science&Technology Co. Ltd Cpk-based digital bank, digital currency, and payment method
CN110830237A (en) * 2019-11-29 2020-02-21 晋商博创(北京)科技有限公司 CPK key generation method, device, entity and key center based on time
CN111682937A (en) * 2020-06-08 2020-09-18 晋商博创(北京)科技有限公司 Key application and distribution method and device for enhanced CPK

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200013044A1 (en) * 2016-11-29 2020-01-09 Jin Shang Bo Chuang (Beijing) Science&Technology Co. Ltd Cpk-based digital bank, digital currency, and payment method
CN108777619A (en) * 2018-05-08 2018-11-09 晋商博创(北京)科技有限公司 CPK systems based on mark and key management method, device, server and terminal
CN110830237A (en) * 2019-11-29 2020-02-21 晋商博创(北京)科技有限公司 CPK key generation method, device, entity and key center based on time
CN111682937A (en) * 2020-06-08 2020-09-18 晋商博创(北京)科技有限公司 Key application and distribution method and device for enhanced CPK

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
南相浩等: "组合公钥(CPK)体制标准(V3.0)", 《计算机安全》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115834061A (en) * 2023-02-15 2023-03-21 深圳市永达电子信息股份有限公司 CPK-based identification key generation method
CN115834061B (en) * 2023-02-15 2023-06-23 深圳市永达电子信息股份有限公司 CPK-based identification key generation method

Also Published As

Publication number Publication date
CN113206739B (en) 2023-05-12

Similar Documents

Publication Publication Date Title
CN110391900B (en) Private key processing method based on SM2 algorithm, terminal and key center
NL2013944B1 (en) Public-key encryption system.
US20040165728A1 (en) Limiting service provision to group members
CN109767218B (en) Block chain certificate processing method and system
US11212082B2 (en) Ciphertext based quorum cryptosystem
JPWO2014112551A1 (en) Split storage device, secret key split storage method
CN108777619B (en) CPK system and key management method, device, server and terminal based on identification
CN112995784B (en) Video data slice encryption method, device and system
US20180278417A1 (en) Apparatus and method for generating key, and apparatus and method for encryption
CN113497709A (en) Trusted data source management method based on block chain, signature device and verification device
CN111797411B (en) 3D model encryption method and device
CN115098868A (en) Privacy-protecting data providing and inquiring method, device and system
CN113206739B (en) Key generation method, device and storage medium for combined public key CPK
KR102132685B1 (en) Apparatus and method for order-revealing encryption
CN114697001B (en) Information encryption transmission method, equipment and medium based on blockchain
JP4080283B2 (en) Content distribution system
CN113922960B (en) PSI acquisition method, device and system based on SM2
Shanthi et al. Efficient secure system of data in cloud using steganography based cryptosystem with FSN
CN115001673A (en) Key processing method, device and system based on unified multi-domain identifier
CN114969805A (en) Service query method and device, electronic equipment and storage medium
CN113259097A (en) CPK-based key generation method and device capable of multi-state configuration
CN114513302A (en) Data encryption and decryption method and equipment
GB2573309A (en) Ciphertext based quorum cryptosystem
CN116980130B (en) File sharing method, system and storage medium
CN117811730B (en) National secret key negotiation method, device, computing equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant