CN113726509B - Key destroying method, cipher machine and terminal equipment - Google Patents


Publication number
CN113726509B
Authority
CN
China
Prior art keywords
key
information
signature
terminal equipment
cipher machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111003290.1A
Other languages
Chinese (zh)
Other versions
CN113726509A (en
Inventor
王璋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd
Priority to CN202111003290.1A
Publication of CN113726509A
Application granted
Publication of CN113726509B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

The application relates to a key destruction method, a cipher machine and terminal equipment. The method, applied to the cipher machine, comprises the following steps: when it is detected that the terminal equipment connected to the cipher machine meets a preset condition, determining to trigger key destruction; receiving first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by the terminal equipment signing the first information; verifying the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment; and after the signature verification passes, destroying the key stored in the cipher machine. The method has strong compatibility and portability, is convenient to deploy and maintain, and has a lower cost; because identity authentication is based on the digital certificate of the third-party terminal equipment, key destruction is more secure and reliable; in addition, the method better conforms to the cipher machine key destruction standard issued by the national cryptography authority.

Description

Key destroying method, cipher machine and terminal equipment
Technical Field
The application relates to the technical field of cryptographic applications, in particular to a key destruction method, a cipher machine and terminal equipment.
Background
When a server cipher machine is in use, the security of its keys is particularly important, and because many security schemes generate a very large number of keys, the key destruction mechanism is also an important factor in key security. How to trigger key destruction safely on a server cipher machine that has no dedicated trigger circuit is the problem to be solved.
In the prior art, some cipher machines trigger key destruction physically, which requires a corresponding circuit design and results in poor flexibility, poor portability and a low safety factor. Other cipher machines trigger the key destruction mechanism on receiving a key destruction instruction issued by a worker through a server. Triggering key destruction by instruction does not meet the national cryptographic requirements, and verifying the worker's identity for an instruction trigger requires collecting the worker's biometric features, so the trigger mechanism is complex, costly, and inconvenient to deploy and maintain.
Disclosure of Invention
In view of the above problems in the prior art, an object of the present application is to provide a key destruction method, a cipher machine and terminal equipment that effectively solve the poor portability, poor security, high cost, and inconvenient deployment and maintenance of prior-art key destruction mechanisms.
To achieve the above object, an embodiment of the present application provides a key destruction method applied to a cipher machine, the method comprising:
when it is detected that the terminal equipment connected to the cipher machine meets a preset condition, determining to trigger key destruction;
receiving first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by the terminal equipment signing the first information;
verifying the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment;
after the signature verification passes, destroying the key stored in the cipher machine.
In some embodiments, after determining to trigger key destruction and before receiving the first information and the first signature information sent by the terminal equipment, the method further comprises:
receiving the first key sent by the terminal equipment and the characteristic value used for triggering the terminal equipment.
In some embodiments, verifying the first signature information by using a first key comprises:
verifying the first signature information by using the first key to obtain signature verification data;
comparing the signature verification data with the first information, and if the signature verification data is the same as the first information, determining that the signature verification succeeds.
In some embodiments, receiving the first signature information sent by the terminal equipment comprises:
receiving second signature information obtained by encrypting the first signature information with a second key;
before verifying the first signature information by using the first key, the method further comprises:
decrypting the second signature information with a third key to obtain the first signature information, wherein the second key and the third key are a key pair of the cipher machine.
In some embodiments, the second key and the third key are an asymmetric public/private key pair, the second key being the public key of the cipher machine and the third key being the private key of the cipher machine.
In some embodiments, determining to trigger key destruction when it is detected that the terminal equipment connected to the cipher machine meets a preset condition comprises:
detecting whether the terminal equipment connected to the cipher machine is preset terminal equipment;
if yes, judging whether the connection time of the terminal equipment to the cipher machine meets a preset time threshold;
if yes, determining that the terminal equipment connected to the cipher machine meets the preset condition;
determining to trigger key destruction.
The embodiment of the application also provides a key destruction method applied to the terminal equipment, comprising:
establishing a connection with a cipher machine;
generating first information when the terminal equipment connected to the cipher machine meets a preset condition;
signing the first information to obtain first signature information;
sending the first information and the first signature information to the cipher machine so that the cipher machine can verify the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment.
In some embodiments, before signing the first information, the method further comprises:
creating a signature container for signing;
exporting the first key from the signature container;
sending the first key to the cipher machine for storage.
The embodiment of the application also provides a cipher machine, which comprises:
a determining module configured to determine to trigger key destruction when it is detected that the terminal equipment connected to the cipher machine meets a preset condition;
a receiving module configured to receive first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by the terminal equipment signing the first information;
a signature verification module configured to verify the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment;
a destroying module configured to destroy the key stored in the cipher machine after the signature verification passes.
The embodiment of the application also provides terminal equipment, which comprises:
a connection module configured to establish a connection with a cipher machine;
a generation module configured to generate first information when the terminal equipment connected to the cipher machine meets a preset condition;
a signature module configured to sign the first information to obtain first signature information;
a sending module configured to send the first information and the first signature information to the cipher machine so that the cipher machine can verify the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment.
Compared with the prior art, the key destruction method, the cipher machine and the terminal equipment provided by the embodiments of the application achieve key destruction through cooperation between third-party terminal equipment and the cipher machine. The hardware structure of the cipher machine does not need to be modified and the key destruction mechanism can be added to an existing cipher machine, so compatibility and portability are strong, deployment and maintenance are convenient, and the terminal equipment is small, portable and low in cost. Identity authentication is based on the digital certificate of the third-party terminal equipment, which restricts the identity of the operator: only a person holding the terminal equipment can destroy keys, so key destruction is more secure and reliable. In addition, the first information to be signed is a randomly generated random number, so the signature verification is dynamic and the security of the verification process is ensured. Finally, the key destruction mechanism is triggered by the connection state between the third-party terminal equipment and the cipher machine, which better conforms to the cipher machine key destruction standard issued by the national cryptography authority.
Drawings
In the drawings, which are not necessarily drawn to scale, like numerals may describe similar components in different views. The same reference numerals with letter suffixes or different letter suffixes may represent different instances of similar components. The accompanying drawings illustrate various embodiments by way of example in general and not by way of limitation, and together with the description and claims serve to explain the claimed embodiments. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts. Such embodiments are illustrative and not intended to be exhaustive or exclusive of the present apparatus or method.
FIG. 1 is a flowchart of a key destruction method according to an embodiment of the present application;
FIG. 2 is another flow chart of a key destruction method according to an embodiment of the present application;
FIG. 3 is a further flowchart of a key destruction method according to an embodiment of the present application;
FIG. 4 is a flow chart of another key destruction method according to an embodiment of the present application;
FIG. 5 is a schematic diagram of a cryptographic engine according to an embodiment of the present application;
FIG. 6 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
FIG. 7 is a schematic diagram of another cryptographic engine according to an embodiment of the present application.
Detailed Description
Hereinafter, specific embodiments of the present application will be described in detail with reference to the accompanying drawings, but not limiting the present application.
It should be understood that various modifications may be made to the embodiments disclosed herein. Therefore, the above description should not be taken as limiting, but merely as exemplification of the embodiments. Other modifications within the scope and spirit of this application will occur to those skilled in the art.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other features of the present application will become apparent from the following description of a preferred form of embodiment, given as a non-limiting example, with reference to the accompanying drawings.
It is also to be understood that, although the present application has been described with reference to some specific examples, a person skilled in the art will certainly be able to achieve many other equivalent forms of the present application, having the characteristics as set forth in the claims and hence all coming within the field of protection defined thereby.
The foregoing and other aspects, features, and advantages of the present application will become more apparent in light of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application will be described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely examples of the application, which may be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application with unnecessary or excessive detail. Therefore, specific structural and functional details disclosed herein are not intended to be limiting, but merely serve as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
Example 1
FIG. 1 is a flowchart of a key destruction method according to an embodiment of the present application. As shown in FIG. 1, an embodiment of the present application provides a key destruction method applied to a cipher machine, the method comprising:
S101: determining to trigger key destruction when it is detected that the terminal equipment connected to the cipher machine meets a preset condition.
Specifically, the cipher machine stores key data. When it detects that the terminal equipment connected to it meets a preset condition, the cipher machine can determine that the key data needs to be destroyed, and the key data is destroyed through cooperation between the terminal equipment and the cipher machine.
The terminal equipment is connected to the cipher machine by hardware, and the cipher machine provides a corresponding connection interface. The terminal equipment may be a portable device that can be inserted into the cipher machine, such as a USB key, an SD key, a smart key, an integrated circuit card (IC card), or the like.
In some embodiments, as shown in FIG. 2, step S101 specifically includes:
S1011: detecting whether the terminal equipment connected to the cipher machine is preset terminal equipment;
S1012: if yes, determining that the terminal equipment connected to the cipher machine meets the preset condition;
S1013: determining to trigger key destruction.
Specifically, when it is detected that terminal equipment has been inserted into the cipher machine, the cipher machine judges whether the terminal equipment is preset terminal equipment (such as the USB key). If so, it determines that key destruction is needed; if not, it determines that key destruction is not needed and exits the key destruction procedure.
Further, in other embodiments, as shown in FIG. 3, step S101 specifically includes:
S1011: detecting whether the terminal equipment connected to the cipher machine is preset terminal equipment;
S1014: if yes, judging whether the connection time of the terminal equipment to the cipher machine meets a preset time threshold;
S1015: if yes, determining that the terminal equipment connected to the cipher machine meets the preset condition;
S1013: determining to trigger key destruction.
In a specific implementation, even when the terminal connected to the cipher machine is detected to be preset terminal equipment, key destruction may not be required: the terminal equipment may have been connected to the cipher machine only by accidental insertion. To determine accurately whether key destruction is required, in this embodiment, once the terminal equipment connected to the cipher machine is found to be preset terminal equipment, the cipher machine decides whether to trigger key destruction by measuring the connection time of the terminal equipment. The connection time is the time from insertion of the terminal equipment into the cipher machine to its removal from the cipher machine. If the connection time is greater than the preset time threshold, the threshold is met and key destruction is triggered; if the connection time is smaller than the preset time threshold, key destruction is not triggered and the procedure stops. The preset time threshold may be determined according to real-time requirements, for example 20 s.
According to the embodiment of the application, the timing for triggering key destruction is detected from the connection between the cipher machine and the terminal equipment, and no key destruction instruction needs to be sent to the cipher machine, so the national cryptographic requirements can be met.
S102: receiving first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by the terminal equipment signing the first information.
The first information is a random number randomly generated by the terminal equipment. The first signature information is obtained by the terminal equipment signing that random number with a signature container. The signature container stores an asymmetric public/private key pair used for signing, and the signature container uses the private key to sign the first information to obtain the first signature information. In this embodiment, signing with the signature container yields a trusted signature and prevents an application that is not authorized by the signature from being started.
After determining that key destruction needs to be triggered, the terminal equipment generates a random number, signs the random number with the signature container to obtain its signature value, and sends the signature value to the cipher machine, which receives it.
S103: verifying the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment.
Specifically, the first key is the public key used for signature verification; it can be exported from the signature container of the terminal equipment and sent to the cipher machine, so that the cipher machine performs signature verification with the first key. Once the terminal equipment that will cooperate with the cipher machine in key destruction has been determined, the terminal equipment can create the signature container in advance and preset the public and private keys for signing in it.
In some embodiments, after determining to trigger key destruction and before receiving the first information and the first signature information sent by the terminal equipment, the method further includes:
receiving the first key sent by the terminal equipment and the characteristic value used for triggering the terminal equipment.
The terminal equipment can export the first key used for signature verification from the signature container in advance and send it to the cipher machine for storage; after receiving the first signature information, the cipher machine can retrieve the first key from its own storage and verify the first signature information. Since the cipher machine itself stores various keys, storing the first key in the cipher machine in advance ensures the security of the key.
It can be understood that in the embodiment of the application the private key used for signing cannot be exported from the terminal equipment, which effectively prevents other people from copying the digital certificate or forging the identity of the user, and is therefore safer and more reliable.
The characteristic value (sn) used for triggering the terminal equipment can be sent to the cipher machine for storage along with the first key. After receiving the characteristic value, the cipher machine can determine that key destruction needs to be triggered, and in a subsequent step it can determine from the characteristic value which key data in the storage area needs to be destroyed.
In other embodiments, the first key may instead remain stored in the terminal equipment and, after the first information is signed with the signature container, be sent to the cipher machine together with the first signature information. This application does not limit the specific storage manner of the first key.
In some embodiments, step S103, verifying the first signature information by using the first key, specifically includes:
Step S1031: verifying the first signature information by using the first key to obtain signature verification data;
Step S1032: comparing the signature verification data with the first information, and if the signature verification data is the same as the first information, determining that the signature verification succeeds.
After the cipher machine receives the first signature information, it checks the correctness of the first information and then verifies the first signature information by using the first key. If the signature verification passes, this proves that the first signature information comes from the corresponding user, which completes the identity authentication for key destruction. If the signature verification does not pass, identity verification is determined to have failed and key destruction is unsuccessful.
In some embodiments, step S102 specifically includes:
receiving second signature information obtained by encrypting the first signature information with a second key;
before verifying the first signature information by using the first key in step S103, the method further includes:
decrypting the second signature information with a third key to obtain the first signature information, wherein the second key and the third key are a key pair of the cipher machine.
In order to ensure the safety of data transmission between the terminal equipment and the cipher machine, after the terminal equipment signs the first information, the first signature information can be encrypted to obtain a ciphertext signature value, the ciphertext signature value is sent to the cipher machine, the cipher machine receives the ciphertext signature value and then decrypts the ciphertext signature value to obtain a plaintext signature value, and then the plaintext signature value is checked.
The terminal device and the cipher machine may negotiate a key pair in advance before performing data transmission interaction, so as to perform subsequent data encryption transmission. The keys in the key pair may be symmetric keys or asymmetric keys. When the second key and the third key are symmetric keys, the second key and the third key are the same; when the second key and the third key are asymmetric keys, the second key can be a public key PB of a cipher machine (a receiver terminal), and the third key can be a private key dB of the cipher machine, so that encrypted transmission of data between the terminal equipment and the cipher machine is realized.
Taking asymmetric encryption as an example, the crypto-engine can generate a pair of public and private keys and send the public key PB to the terminal equipment; the terminal device may encrypt with the public key PB when encrypting plaintext data. Since the second key is a public key, it may itself be public, and thus the second key may be pre-stored at the terminal device and/or at the crypto-engine.
In this embodiment, the second key and the third key are preferably stored in the cipher machine to ensure the security of the keys. When a key needs to be destroyed and encryption is required, the cipher machine may look up the second key it stores and send it to the terminal equipment, so that the terminal equipment can encrypt the first signature information after signing.
In other embodiments, the second key may be pre-stored in the terminal device to facilitate invocation during encryption. A special memory space may be provided in the terminal device for storing the encryption key.
In a specific implementation, the terminal device may encrypt the first information, and send the encrypted first information to the crypto-engine, where the key used to encrypt the first information and the first signature information may be the same or different. The encrypted transmission of the first information is similar to the encrypted transmission of the first signature information and will not be described in detail here.
S104: after the signature verification passes, destroying the key stored in the cipher machine.
After the signature verification passes, user identity verification is determined to have succeeded. The cipher machine can determine the destruction authority corresponding to the terminal equipment (user identity information) according to the signature and/or the characteristic value used for triggering the terminal equipment, and can then destroy the corresponding key data in the storage area according to that authority.
The key destruction method provided by the embodiment of the application achieves key destruction through cooperation between third-party terminal equipment and the cipher machine. The hardware structure of the cipher machine does not need to be modified and the key destruction mechanism can be added to an existing cipher machine, so compatibility and portability are strong and deployment and maintenance are convenient; the terminal equipment (USB key) is small and portable, similar to a USB flash disk, and low in cost. Identity authentication is based on the digital certificate of the third-party terminal equipment, which restricts the identity of the operator: only a person holding the terminal equipment can destroy keys, so key destruction is more secure and reliable. In addition, the first information to be signed is a randomly generated random number, so the signature verification is dynamic and the security of the verification process is ensured. Finally, the key destruction mechanism is triggered by the connection state between the third-party terminal equipment and the cipher machine, which better conforms to the cipher machine key destruction standard issued by the national cryptography authority.
Example two
Fig. 4 is a flowchart of another key destruction method according to an embodiment of the present application. As shown in Fig. 4, based on the above key destruction method applied to a cipher machine, an embodiment of the present application provides a key destruction method applied to a terminal device, where the method includes:
S401: establishing a connection with a cipher machine;
S402: generating first information when the terminal device connected to the cipher machine meets a preset condition;
S403: signing the first information to obtain first signature information;
S404: sending the first information and the first signature information to the cipher machine so that the cipher machine verifies the first signature information using a first key, where the first key is a signature key preset by the terminal device.
After the terminal device is inserted into a connection interface of the cipher machine, the cipher machine detects whether the connected terminal device meets the preset condition; if so, it determines to trigger key destruction. The terminal device then randomly generates the first information, signs it using the terminal device's signature container to obtain the first signature information, and sends the first signature information and the first information to the cipher machine. After receiving the first signature information, the cipher machine verifies it using the first key. If the verification passes, identity authentication is deemed to have passed and the key in the corresponding storage area of the cipher machine is destroyed. If the verification fails, identity authentication is deemed to have failed and the key in the cipher machine is not destroyed. This effectively prevents unauthorized users from triggering key destruction and ensures the security and reliability of key destruction.
In some embodiments, prior to signing the first information, the method further comprises:
(1) Creating a signature container for signing;
(2) Deriving the first key from the signature container;
(3) Sending the first key to the cipher machine for storage.
After the terminal device that will cooperate with the cipher machine in key destruction has been determined, the terminal device can create a signature container for signing in advance and preset a public/private key pair for signing in that container. The public key (the first key) is then derived and sent to the cipher machine, so that the cipher machine can use it for signature verification.
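The flow of Example two (S401 to S404) together with the first-key registration steps above, as an added Go example that is not code from the patent. Ed25519, the `holdTime` threshold, every type, field and area name, and the `seen` replay guard are assumptions: the patent names no signature algorithm, and it has the terminal generate the random first information without describing how the cipher machine tracks values it has already accepted.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

var (
	ErrNotTriggered = errors.New("preset condition not met")
	ErrBadSignature = errors.New("signature verification failed")
	ErrReplay       = errors.New("first information already used")
	holdTime        = 3 * time.Second // assumed connection-time threshold
)

// Terminal is the USB-key side; the private signing key never leaves it.
type Terminal struct{ priv ed25519.PrivateKey }

// NewTerminal creates the key pair; the public "first key" is registered in advance.
func NewTerminal() (*Terminal, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Terminal{priv: priv}, pub
}

// Request is S402-S403: random first information and its signature.
func (t *Terminal) Request() (first, sig []byte) {
	first = make([]byte, 32)
	if _, err := rand.Read(first); err != nil {
		panic(err)
	}
	return first, ed25519.Sign(t.priv, first)
}

// CipherMachine holds the registered first key and the key storage areas.
type CipherMachine struct {
	preset    string            // characteristic value of the preset terminal
	firstKey  ed25519.PublicKey // registered verification key
	authority []string          // areas this terminal may destroy
	areas     map[string][]byte // independent key storage areas
	seen      map[string]bool   // accepted first information (added replay guard)
}

// Destroy checks the trigger condition, verifies the signature, then erases authorised areas.
func (m *CipherMachine) Destroy(id string, connected time.Duration, first, sig []byte) error {
	if id != m.preset || connected < holdTime {
		return ErrNotTriggered
	}
	if !ed25519.Verify(m.firstKey, first, sig) {
		return ErrBadSignature
	}
	if m.seen[string(first)] {
		return ErrReplay
	}
	m.seen[string(first)] = true
	for _, name := range m.authority {
		copy(m.areas[name], make([]byte, len(m.areas[name]))) // overwrite with zeros first
		delete(m.areas, name)
	}
	return nil
}

func main() {
	term, pub := NewTerminal()
	m := &CipherMachine{preset: "usbkey-01", firstKey: pub, authority: []string{"area-1"}, seen: map[string]bool{},
		areas: map[string][]byte{"area-1": []byte("constructed key A"), "area-2": []byte("constructed key B")}}
	first, sig := term.Request()
	fmt.Println(m.Destroy("usbkey-01", holdTime, first, sig), len(m.areas))
}
```

Only the areas listed in the terminal's destruction authority are erased; a failed trigger check or a failed verification leaves every storage area untouched.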
Example three
Fig. 5 is a schematic structural diagram of a cipher machine according to an embodiment of the present application. As shown in Fig. 5, based on the above key destruction method applied to a cipher machine, an embodiment of the present application provides a cipher machine, including:
a determining module 501 configured to determine to trigger key destruction when detecting that a terminal device connected to the cipher machine satisfies a preset condition;
a receiving module 502 configured to receive first information and first signature information sent by the terminal device, where the first signature information is obtained by the terminal device signing the first information;
a signature verification module 503 configured to verify the first signature information using a first key, where the first key is a signature key preset by the terminal device;
a destroying module 504 configured to destroy the key stored in the cipher machine after the signature verification passes.
In some embodiments, the receiving module 502 is further configured to: after determining to trigger key destruction and before receiving the first signature information sent by the terminal device, receive the first key sent by the terminal device and the characteristic value used for triggering the terminal device.
In some embodiments, the signature verification module 503 is specifically configured to:
perform signature verification on the first signature information using the first key to obtain signature verification data;
compare the signature verification data with the first information and, if they are the same, determine that the signature verification is successful.
In some embodiments, the receiving module 502 is specifically configured to:
receiving second signature information obtained by encrypting the first signature information by using a second key;
the cipher machine further includes a decryption module specifically configured to: before the first signature information is verified using the first key, decrypt the second signature information using a third key to obtain the first signature information, where the second key and the third key are a key pair of the cipher machine.
In some embodiments, the second key and the third key are an asymmetric public/private key pair: the second key is the public key of the cipher machine, and the third key is the private key of the cipher machine.
In some embodiments, the determination module 501 is specifically configured to:
detecting whether the terminal equipment connected to the cipher machine is preset terminal equipment or not;
if yes, judging whether the connection time of the terminal equipment to the cipher machine meets a preset time threshold;
if yes, determining that the terminal equipment connected to the cipher machine meets a preset condition;
and determining to trigger key destruction.
Example four
Fig. 6 is a schematic structural diagram of a terminal device according to an embodiment of the present application. As shown in Fig. 6, based on the above key destruction method applied to a terminal device, an embodiment of the present application provides a terminal device, including:
a connection module 601 configured to establish a connection with a cipher machine;
a generating module 602 configured to generate first information when the terminal device connected to the cipher machine satisfies a preset condition;
a signature module 603 configured to sign the first information to obtain first signature information;
a sending module 604 configured to send the first information and the first signature information to the cipher machine, so that the cipher machine verifies the first signature information using a first key, where the first key is a signature key preset by the terminal device.
Example five
The embodiment of the application also provides a key destruction system, which comprises a cipher machine and terminal equipment used for being connected with the cipher machine, wherein the cipher machine is used for:
when the terminal equipment connected to the cipher machine is detected to meet the preset condition, determining to trigger the destruction of the key;
receiving first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by signing the first information by the terminal equipment;
verifying the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment;
after the verification passes, destroying the secret key stored in the cipher machine;
the terminal device is used for:
establishing connection with a cipher machine;
generating first information when the terminal equipment connected to the cipher machine meets a preset condition;
signing the first information to obtain first signature information;
and sending the first information and the first signature information to the cipher machine so that the cipher machine verifies the first signature information using a first key, wherein the first key is a signature key preset by the terminal equipment.
It should be noted that the key destruction method applied to the terminal device, the cipher machine, the terminal device and the key destruction system provided in the embodiments of the present application all correspond to the key destruction method applied to the cipher machine described in the embodiments above. Based on that method, those skilled in the art can understand the specific implementations and variations of the key destruction method applied to the terminal device, the cipher machine, the terminal device and the key destruction system. Any optional feature of the embodiment of the key destruction method applied to the cipher machine also applies to them and is not repeated here.
Example six
Fig. 7 is a schematic structural diagram of another cipher machine according to an embodiment of the present application. As shown in Fig. 7, an embodiment of the present application provides a cipher machine, including:
a connection interface 701 for connection with a terminal device;
a memory 702 having stored therein computer program instructions;
a processor 703, said processor 703 implementing the key destruction method described above when executing said computer program instructions.
The memory 702 may include a plurality of independent first storage areas. Each first storage area stores key data to be destroyed, and the key data in each first storage area is independent of the others, so that the first storage areas do not affect one another during destruction. The memory 702 may further include a second storage area configured to store related data, such as the first key used for signature verification and the characteristic value used for triggering the terminal device, so that the cipher machine can cooperate with the terminal device to perform key destruction.
The first storage area may include volatile memory (e.g., random-access memory (RAM), which may include volatile RAM, magnetic RAM, ferroelectric RAM and any other suitable form) as well as non-volatile memory (e.g., disk memory, flash memory, erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), memristor-based non-volatile solid-state memory, etc.). The second storage area is preferably non-volatile memory.
The processor 703 may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The embodiment of the application also provides a computer readable storage medium, on which computer executable instructions are stored, which when executed by a processor, implement the key destruction method described above.
The above embodiments are only exemplary embodiments of the present application and are not intended to limit the present application, the scope of which is defined by the claims. Various modifications and equivalent arrangements may be made to the present application by those skilled in the art, which modifications and equivalents are also considered to be within the scope of the present application.

Claims (10)

1. A key destruction method applied to a cipher machine, comprising:
when the terminal equipment connected to the cipher machine is detected to meet the preset condition, determining to trigger the destruction of the key;
receiving first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by signing the first information by the terminal equipment;
verifying the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment;
after the signature verification passes, destroying the key stored in the cipher machine.
2. The method of claim 1, wherein after determining to trigger key destruction, prior to receiving the first information and the first signature information sent by the terminal device, the method further comprises:
and receiving the first key sent by the terminal equipment and the characteristic value used for triggering the terminal equipment.
3. The method of claim 1, wherein verifying the first signature information using the first key comprises:
performing signature verification on the first signature information by using the first key to obtain signature verification data;
and comparing the signature verification data with the first information, and if the signature verification data is the same as the first information, determining that the signature verification is successful.
4. The method according to claim 1, wherein receiving the first signature information sent by the terminal device comprises:
receiving second signature information obtained by encrypting the first signature information by using a second key;
before verifying the first signature information using the first key, the method further comprises:
decrypting the second signature information by using a third key to obtain the first signature information, wherein the second key and the third key are a key pair of the cipher machine.
5. The method of claim 4, wherein the second key and the third key are an asymmetric public/private key pair, the second key is a public key of the cipher machine, and the third key is a private key of the cipher machine.
6. The method according to claim 1, wherein determining to trigger key destruction upon detecting that a terminal device connected to the cipher machine meets a preset condition comprises:
detecting whether the terminal equipment connected to the cipher machine is preset terminal equipment or not;
if yes, judging whether the connection time of the terminal equipment to the cipher machine meets a preset time threshold;
if yes, determining that the terminal equipment connected to the cipher machine meets a preset condition;
and determining to trigger key destruction.
7. A key destruction method applied to a terminal device, comprising:
establishing connection with a cipher machine;
generating first information when the terminal equipment connected to the cipher machine meets a preset condition; the preset condition is used for determining whether the cipher machine triggers the key destruction or not;
signing the first information to obtain first signature information;
the first information and the first signature information are sent to the cipher machine, so that the cipher machine uses a first secret key to check the first signature information, and the stored secret key is destroyed when the check passes; the first key is a signature key preset by the terminal equipment.
8. The method of claim 7, wherein prior to signing the first information, the method further comprises:
creating a signature container for signing;
deriving the first key from the signature container;
and sending the first key to the cipher machine for storage.
9. A cipher machine, comprising:
the determining module is configured to determine to trigger the destruction of the key when detecting that the terminal equipment connected to the cipher machine meets a preset condition;
the receiving module is configured to receive first information and first signature information sent by the terminal equipment, wherein the first signature information is obtained by signing the first information by the terminal equipment;
the signature verification module is configured to verify the first signature information by using a first key, wherein the first key is a signature key preset by the terminal equipment;
and the destroying module is configured to destroy the key stored in the cipher machine after the signature verification passes.
10. A terminal device, comprising:
a connection module configured to establish a connection with a cipher machine;
the generation module is configured to generate first information when the terminal equipment connected to the cipher machine meets a preset condition; the preset condition is used for determining whether the cipher machine triggers the key destruction or not;
the signature module is configured to sign the first information to obtain first signature information;
the sending module is configured to send the first information and the first signature information to the cipher machine so that the cipher machine can use a first key to check the first signature information and destroy the stored key when the check passes; the first key is a signature key preset by the terminal equipment.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202111003290.1A (CN113726509B) | 2021-08-30 | 2021-08-30 | Key destroying method, cipher machine and terminal equipment


Publications (2)

Publication Number | Publication Date
CN113726509A | 2021-11-30
CN113726509B | 2023-05-02

Family

ID=78678966




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant