CN114938274A - Hierarchical key management and data security distribution method and system - Google Patents


Publication number
CN114938274A
Authority
CN
China
Prior art keywords
key
user
data
server
distribution
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210671838.8A
Other languages
Chinese (zh)
Inventor
杨国强
刘会议
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Sanwei Xinan Information Technology Co ltd
Shandong Duofang Semiconductor Co ltd
Original Assignee
Shandong Sanwei Xinan Information Technology Co ltd
Shandong Duofang Semiconductor Co ltd
Application filed by Shandong Sanwei Xinan Information Technology Co ltd, Shandong Duofang Semiconductor Co ltd
Priority to CN202210671838.8A
Publication of CN114938274A


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0872 Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a hierarchical key management and secure data distribution method and system, comprising the following steps: generating a public-private key pair for each user, and sending the user keys together with the searchable-encryption keys; in the key distribution and storage stage, distributing a user key to each user, and encrypting and storing the user identifiers and user keys on a server; in the data distribution stage, generating a trapdoor from the identifiers of the authorized users for searching, the server returning the corresponding authorized user keys, and generating a session key and distributing the data using the authorized user keys; after receiving the data, the user decrypts with their own user key to obtain the session key and thereby the actual data. By encrypting data with keys of different levels in combination with searchable ciphertext technology, the invention shortens the ciphertext, reduces bandwidth consumption, protects the security of the user keys, reduces the computational overhead of the data center and improves efficiency.

Description

Hierarchical key management and data secure distribution method and system
Technical Field
The invention relates to the technical field of information security, in particular to a hierarchical key management and data security distribution method and system.
Background
With the development of the internet and the arrival of the big data era, data security is becoming an increasingly important research topic. In large enterprises or organizations, a data leak or similar security problem can seriously affect operations and reputation. Cryptography is widely used as the underlying tool for securing data, for example in encryption protocols and signature protocols. In practical applications, data is often distributed from one data center to a plurality of users. Earlier methods generally encrypt the data, for each receiving user, with a private key held by that user and then send it to that user. With this approach, however, the length of the ciphertext can grow linearly as the number of users increases. This not only raises the computational cost of the data center but also increases bandwidth consumption and lowers the operating efficiency of the scheme. How to design an efficient and safe data distribution method while protecting data security is an urgent problem to be solved.
In addition, the storage and management of user keys in the data center also faces security issues. Generally, the data center stores the user identifiers and keys in a table. If the table is stored in plaintext, however, the user identifiers and keys are leaked as soon as the data center is hacked or a bug occurs, which can seriously affect the security of data transmission. A straightforward solution is to store the table encrypted and to decrypt it whenever a user key is needed for data encryption. This is not suitable in a practical environment: the data center has to decrypt the whole table every time data is encrypted, so the computational overhead is large and the operating efficiency of the scheme is low.
Therefore, a need exists in the art for a hierarchical key management and data security distribution method and system that can efficiently and securely store and manage a user's key.
Disclosure of Invention
In view of this, the invention designs an efficient and secure scheme for user key management and data secure distribution in combination with searchable encryption technology.
In order to achieve the purpose, the invention adopts the following technical scheme:
a hierarchical key management and data security distribution method comprises a key storage and distribution step and a data distribution step:
the key storage and distribution step comprises:
a tree-type user organization structure is constructed, in which each node of the tree corresponds to one user identifier
Figure BDA0003693518800000021
which denotes the i-th user identifier of the j-th layer; for each user identifier
Figure BDA0003693518800000022
a corresponding user key
Figure BDA0003693518800000023
and a public-private key pair
Figure BDA0003693518800000024
are generated;
the user identifier
Figure BDA0003693518800000025
and the corresponding user key encrypted data
Figure BDA0003693518800000026
are pre-stored in the server, wherein the user key encrypted data
Figure BDA0003693518800000027
has an index relationship with the user identifier
Figure BDA0003693518800000028
encrypted with the key $K_1$, and the user key encrypted data
Figure BDA0003693518800000029
comprises the data obtained by encrypting the user key set with the key $K_2$;
the user key set is encrypted with the public key
Figure BDA00036935188000000210
and transmitted to the user sides of all users; the user key set comprises the user key of the current user
Figure BDA00036935188000000211
and the user keys of all its ancestor nodes; the user decrypts with the corresponding private key
Figure BDA00036935188000000212
to complete the distribution of the user key;
the data distribution step comprises:
a trapdoor is generated with the key $K_1$ for each authorized user identifier
Figure BDA00036935188000000213
and the server is searched, under the same user identifier
Figure BDA00036935188000000214
for the corresponding user key encrypted data
Figure BDA00036935188000000215
the key $K_2$ is then used to decrypt the user key encrypted data
Figure BDA00036935188000000216
yielding the authorized user key
Figure BDA00036935188000000217
the data M is encrypted with a session key SK and transmitted to the user side of the authorized user, the session key SK itself being encrypted with the authorized user key.
Preferably, the step of generating the user key
Figure BDA00036935188000000218
comprises: generating for each user a random number of λ-bit length
Figure BDA00036935188000000219
and a timestamp $T_x$; and calculating the user key of each user
Figure BDA00036935188000000220
Figure BDA00036935188000000221
where H represents a hash function and | represents the concatenation of two strings.
Preferably, the step of pre-storing the user identifier
Figure BDA00036935188000000222
and the corresponding user key encrypted data
Figure BDA00036935188000000223
in the server comprises:
encrypting the user key with the key $K_2$:
Figure BDA00036935188000000224
generating an index table I of size n initialized to null, selecting the key $K_1$, and populating the index table as follows:
Figure BDA00036935188000000225
sending S = (I, c) to the server for storage, wherein
Figure BDA0003693518800000031
Preferably, the key $K_1$ and the key $K_2$ are symmetric keys, and the algorithm that uses the key $K_1$ to encrypt the user identifier
Figure BDA0003693518800000032
and the algorithm that uses the key $K_2$ to encrypt the user key are both symmetric encryption algorithms.
Preferably, the public-private key pair
Figure BDA0003693518800000033
is distributed directly to the user side through a secure channel.
Preferably, the key storage and distribution step further comprises: generating a lookup table T from the public keys
Figure BDA0003693518800000034
and the user identifiers
Figure BDA0003693518800000035
and storing the lookup table T on the server in plaintext; each user identifier
Figure BDA0003693518800000036
is used to query the lookup table T on the server to obtain, for the corresponding user identifier
Figure BDA0003693518800000037
the public key
Figure BDA0003693518800000038
Preferably, after receiving the user key set encrypted with the public key
Figure BDA0003693518800000039
the user side of each user decrypts it with the private key
Figure BDA00036935188000000310
to obtain the user key set.
Preferably, the step of generating, with the key $K_1$, a trapdoor for each authorized user identifier
Figure BDA00036935188000000311
and searching the server, under the same user identifier
Figure BDA00036935188000000312
for the corresponding user key encrypted data
Figure BDA00036935188000000313
comprises:
using the key $K_1$ to generate the trapdoors of the authorized users as follows:
$$e = (e(1), \ldots, e(i), \ldots, e(w)) = (f(K_1, ID(1)), \ldots, f(K_1, ID(i)), \ldots, f(K_1, ID(w)))$$
where $f(K_1, ID(i))$ is a pseudo-random permutation keyed with $K_1$, $UT = \{ID(1), \ldots, ID(i), \ldots, ID(w)\}$ is the identifier set of the authorized users, w is the number of authorized users, and ID(i) is the user identifier of an authorized user;
the server searches according to the trapdoors as follows:
if $I[e(i)] \neq \bot$, the server returns the corresponding c(i).
Preferably, the method further comprises the data decryption step of the user side:
after receiving the distributed data, the authorized user side decrypts by using the held user key set to obtain a session key SK;
the encrypted message is decrypted using the session key SK to obtain the original data M.
The invention also provides a hierarchical key management and data security distribution system according to the hierarchical key management and data security distribution method, which comprises a key generation center, a distribution center, a server and a user side, wherein:
the key generation center is used for generating, for the tree-type user organization structure, the corresponding user keys
Figure BDA00036935188000000314
the public-private key pairs
Figure BDA00036935188000000315
the key $K_1$ and the key $K_2$;
the server is used for storing the user identifiers
Figure BDA00036935188000000316
and the corresponding user key encrypted data
Figure BDA00036935188000000317
The distribution center is used for executing the key distribution and data distribution steps, encrypting and transmitting the user key set to the user sides of all users and encrypting and transmitting the data M to the user sides of authorized users.
Preferably, the server is further configured to store, in plaintext, the lookup table T generated from the public keys
Figure BDA0003693518800000041
and the user identifiers
Figure BDA0003693518800000042
so that the distribution center can use an authorized user identifier
Figure BDA0003693518800000043
to query the lookup table T on the server and obtain, for the corresponding user identifier
Figure BDA0003693518800000044
the public key
Figure BDA0003693518800000045
Through the technical scheme, compared with the prior art, the invention has the beneficial effects that:
The invention designs a hierarchical key system and uses a tree structure to divide the users on the user side into different levels. Different keys are distributed according to the level of each user, and each key is related to a user identifier, a timestamp and a random number. Such a hierarchical key system makes it possible to distribute data to a given set of users based on the same user key.
The invention designs an efficient and safe key storage system. It uses searchable encryption to encrypt and store the user identifiers and user keys on the server. When data is distributed, the distribution center can search for a user key while it remains in ciphertext form. This not only protects the security of the user keys but also reduces the computational overhead of the data center.
The invention designs a level-based data distribution system on top of the hierarchical key system. The data distribution center encrypts data with keys of different levels and distributes fewer ciphertexts while still allowing users of different levels to receive and decrypt the same data. This shortens the ciphertext, effectively avoids the problem of the ciphertext length growing with the number of users, reduces bandwidth consumption and improves efficiency.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts;
Fig. 1 is a flowchart of hierarchical key management and data security distribution according to an embodiment of the present invention;
Fig. 2 is a diagram of a user key hierarchy provided by an embodiment of the present invention;
Fig. 3 is a flowchart of user key distribution and storage provided in an embodiment of the present invention;
Fig. 4 is a comparison diagram of the encryption of the server S table into the S' table provided in the embodiment of the present invention;
Fig. 5 is a flowchart of data distribution and decryption according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, a first aspect of the present invention discloses a hierarchical key management and data secure distribution method, including a key storage and distribution step and a data distribution step:
the key storage and distribution step comprises:
a tree-type user organization structure is constructed, in which each node of the tree corresponds to one user identifier
Figure BDA0003693518800000051
which denotes the i-th user identifier of the j-th layer; for each user identifier
Figure BDA0003693518800000052
a corresponding user key
Figure BDA0003693518800000053
and a public-private key pair
Figure BDA0003693518800000054
are generated;
the user identifier
Figure BDA0003693518800000055
and the corresponding user key encrypted data
Figure BDA0003693518800000056
are pre-stored in the server, wherein the user key encrypted data
Figure BDA0003693518800000057
has an index relationship with the user identifier
Figure BDA0003693518800000058
encrypted with the key $K_1$, and the user key encrypted data
Figure BDA0003693518800000059
comprises the data obtained by encrypting the user key set with the key $K_2$;
the user key set is encrypted with the public key
Figure BDA00036935188000000510
and transmitted to the user sides of all users; the user key set comprises the user key of the current user
Figure BDA00036935188000000511
and the user keys of all its ancestor nodes; each user decrypts with their own private key
Figure BDA00036935188000000512
to complete the distribution of the user key set;
the data distribution step comprises:
a trapdoor is generated with the key $K_1$ for each authorized user identifier
Figure BDA00036935188000000513
and the server is searched, under the same user identifier
Figure BDA00036935188000000514
for the corresponding user key encrypted data
Figure BDA00036935188000000515
the key $K_2$ is then used to decrypt the user key encrypted data
Figure BDA00036935188000000516
yielding the authorized user key;
the data M is encrypted with a session key SK and transmitted to the user side of the authorized user, the session key SK itself being encrypted with the authorized user key.
The present embodiment mainly comprises 7 main processes. In the system initialization stage: (1) a key generation center generates a public-private key pair for each user; (2) the key generation center sends the user keys and the searchable-encryption keys to the distribution center. In the key distribution and storage stage: (3) the distribution center distributes the user key to each user; (4) the distribution center encrypts and stores the user identifiers and the user keys on the server. In the data distribution stage: (5) the distribution center generates a trapdoor from the identifiers of the authorized users for searching; (6) the server returns the corresponding encrypted user key, and the distribution center decrypts it; (7) the distribution center generates a session key and distributes the data using the user key. After receiving the data, the user decrypts the data by using the private key of the user to obtain the session key, and then obtains the real data.
Depending on the practical application, the organizational structure of the users can be represented by a tree structure in which different nodes carry different meanings. For example, the root node of the tree represents the global headquarters of a company and the leaf nodes represent the individual employees of the enterprise. The intermediate nodes may represent regional headquarters or departments within the enterprise. Referring to fig. 2, this embodiment sets a unique identifier for each node in the tree
Figure BDA0003693518800000061
and for each node in the tree
Figure BDA0003693518800000062
the key generation center generates a corresponding user key
Figure BDA0003693518800000063
where $j \in [1, d]$, $i \in [1, t_j]$, $t_j$ denotes the number of users in the j-th level and d denotes the depth of the user hierarchy. Each user node
Figure BDA0003693518800000064
possesses not only its own user key
Figure BDA0003693518800000065
but also the keys held by all of its ancestor nodes. In other words, a user node
Figure BDA0003693518800000066
holds the key set
Figure BDA0003693518800000067
where
Figure BDA0003693518800000068
are the user keys of its ancestor nodes.
For example, if the data distribution center encrypts data with the key of the root user, all user nodes in the tree under the root node can decrypt it. If the data distribution center encrypts with the key of a leaf node user, only that leaf node user can decrypt the data. If it encrypts with the user key of a node that is neither a leaf nor the root, that node's user and all child node users below it can decrypt the data.
In one embodiment, the step of generating the user key
Figure BDA0003693518800000069
comprises: generating for each user a random number of λ-bit length
Figure BDA00036935188000000610
and a timestamp $T_x$; and calculating the user key of each user
Figure BDA00036935188000000611
where H represents a hash function and | represents the concatenation of two strings.
The keys generated in advance in the method of this embodiment include the following.
Given a security parameter λ, the key generation center (KGC) generates two symmetric keys $K_1$ and $K_2$ for the distribution center. The distribution center uses these two keys to encrypt and store the user identifiers and the user keys.
Based on the given security parameter λ, the key generation center generates, for each user
Figure BDA00036935188000000612
a public-private key pair
Figure BDA00036935188000000613
Each public-private key pair may be distributed by the key generation center to the respective user over a secure channel. The public and private keys are mainly used for encrypting and transmitting the user keys. The distribution center in the data center keeps a table T that records the user identifiers and the users' public keys; because the table T contains only public keys, the data center can store it on the server in plaintext.
Based on the given security parameter λ, the key generation center generates, for each user
Figure BDA0003693518800000071
a corresponding user key.
The key generation center first generates for each user a random number of λ-bit length
Figure BDA0003693518800000072
and a timestamp $T_x$, and then calculates the key of each user
Figure BDA0003693518800000073
where H represents a hash function and | represents the concatenation of two strings. The user key is later used to encrypt the session key during data distribution. The distribution center generates and stores a table S that records the user identifiers and the user keys; because the table S contains the user keys, the data center should store it on the server in ciphertext form.
In one embodiment, see Fig. 4, the step of pre-storing the user identifier
Figure BDA0003693518800000074
and the corresponding user key encrypted data
Figure BDA0003693518800000075
in the server comprises:
for each user key
Figure BDA0003693518800000076
the distribution center encrypts it with the key $K_2$ generated by the key generation center:
Figure BDA0003693518800000077
SEnc here stands for any symmetric encryption algorithm, such as AES, DES, etc.
Generating an index table I of size n initialized to null, selecting the key $K_1$, and populating the index table as follows:
Figure BDA0003693518800000078
sending S = (I, c) to the server for storage, wherein
Figure BDA0003693518800000079
In one embodiment, the key $K_1$ and the key $K_2$ are symmetric keys, and the algorithm that uses the key $K_1$ to encrypt the user identifier
Figure BDA00036935188000000710
and the algorithm that uses the key $K_2$ to encrypt the user key are both symmetric encryption algorithms.
In one embodiment, the public-private key pair
Figure BDA00036935188000000711
is distributed directly to the user side through a secure channel.
In one embodiment, the key storage and distribution step further comprises: generating a lookup table T from the public keys
Figure BDA00036935188000000712
and the user identifiers
Figure BDA00036935188000000713
and storing the lookup table T on the server in plaintext; each user identifier
Figure BDA00036935188000000714
is used to query the lookup table T on the server to obtain, for the corresponding user identifier
Figure BDA00036935188000000715
the public key
Figure BDA00036935188000000716
The specific implementation process is as follows:
the distribution center in the data center distributes to each user
Figure BDA00036935188000000717
the corresponding user keys as follows:
from the server's lookup table T, the distribution center obtains, for the corresponding user
Figure BDA00036935188000000718
its public key
Figure BDA00036935188000000719
The distribution center performs the encryption
Figure BDA00036935188000000720
and sends each
Figure BDA00036935188000000721
to the corresponding user, who decrypts it with their private key to obtain the key set
Figure BDA00036935188000000722
PEnc and PDec here represent any public-key encryption and decryption algorithm, such as RSA.
After receiving the user key set encrypted with the public key
Figure BDA0003693518800000081
each user end uses the private key
Figure BDA0003693518800000082
to decrypt it and obtain the user key set.
In one embodiment, the step of using the key K_1 to generate a trapdoor for each authorized user identification
Figure BDA0003693518800000083
and searching the server for the same user identification
Figure BDA0003693518800000084
and its corresponding user-key encrypted data
Figure BDA0003693518800000085
comprises:
using the key K_1, generating the corresponding authorized-user trapdoor as follows:
e = (e(1), ..., e(i), ..., e(w))
= (f(K_1, ID(1)), ..., f(K_1, ID(i)), ..., f(K_1, ID(w)))
where f(K_1, ID(i)) is a pseudo-random permutation keyed by K_1, the set of identities of authorized users is UT = {ID(1), ..., ID(i), ..., ID(w)}, w is the number of authorized users, and ID(i) represents the user identity of an authorized user;
the server searches according to the trapdoors as follows:
if I[e(i)] ≠ ⊥, the server returns the corresponding c(i).
The specific implementation steps of data distribution are as follows:
The distribution center in the data center first determines the set of authorized users, i.e. which users can decrypt the corresponding broadcast message. First, the distribution center selects the identification set UT = {ID(1), ..., ID(i), ..., ID(w)} of the authorized users according to the actual situation, where w is the number of authorized users and ID(i) represents the identity of a user. The data center then uses the key K_1 to generate the corresponding authorized-user trapdoor as follows:
e = (e(1), ..., e(i), ..., e(w)) = (f(K_1, ID(1)), ..., f(K_1, ID(i)), ..., f(K_1, ID(w))).
The distribution center sends the search trapdoor e to the server, and the server searches according to the trapdoor as follows:
if I[e(i)] ≠ ⊥, the server returns the corresponding c(i). The distribution center then uses the key K_2 it holds to decrypt c(i) and obtain the corresponding K(i). All user keys K(i) together form a set:
BK = {K(1), ..., K(i), ..., K(w)}.
When the table S is created, f(K_1, ID(i)) is used as the index into the table, and the key corresponding to user ID(i) can be found through this index. When the trapdoor is constructed, if the input ID(i) is not one of the previously stored IDs, the server's lookup of f(K_1, ID(i)) returns ⊥, because the index f(K_1, ID(i)) does not exist in the table at all. Conversely, if the input ID(i) is a previously stored ID, the server finds the corresponding key ciphertext through the index and returns c(i).
For a piece of data M, the distribution center first generates a temporary session key SK to encrypt the data M to obtain EM = SEnc(SK, M). The distribution center then encrypts the session key SK with the key K(i) of the authorized user to obtain ESK(i) = SEnc(K(i), SK).
Finally, the distribution center distributes {(ESK(1), ..., ESK(i), ..., ESK(w)), EM}.
In one embodiment, referring to FIG. 5, the method further includes a data decryption step at the user end:
after receiving the distributed data, the authorized user end uses one key K(i) from the held user key set
Figure BDA0003693518800000091
to decrypt and obtain the session key SK = SDec(K(i), ESK(i));
the encrypted message is decrypted using the session key SK to obtain the original data M = SDec(SK, EM).
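The storage, trapdoor search, data distribution and user-side decryption steps described above, as an added Python example that is not code from the patent. Assumptions: HMAC-SHA256 stands in for the pseudo-random permutation f, an HMAC-based cipher with a MAC tag stands in for SEnc/SDec (the text suggests e.g. AES), the user key is taken to be H(random number | T_x), the org tree and all function names are constructed, and the public-key (PEnc) delivery of key sets is left out.

```python
import hashlib, hmac, os, time

# Constructed org tree (child -> parent); the IDs are illustrative only.
PARENT = {"HQ": None, "EU": "HQ", "EU-Sales": "EU",
          "alice": "EU-Sales", "bob": "EU-Sales", "carol": "EU"}

def f(k1, user_id):
    """f(K_1, ID): index/trapdoor value. Assumption: HMAC-SHA256 replaces the PRP."""
    return hmac.new(k1, user_id.encode(), hashlib.sha256).digest()

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def senc(key, msg):
    """Stand-in for SEnc (the page suggests e.g. AES): stream cipher + MAC tag."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(msg, _keystream(key, nonce, len(msg))))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()

def sdec(key, ct):
    """Stand-in for SDec: returns None if the tag fails, i.e. the key is wrong."""
    nonce, body, tag = ct[:16], ct[16:-32], ct[-32:]
    expect = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def setup():
    """Key generation center: K_1, K_2, one key per node, encrypted index for the server."""
    k1, k2 = os.urandom(32), os.urandom(32)
    t_x = str(int(time.time())).encode()
    # Assumed form of the key formula: user key = H(random number | T_x).
    keys = {uid: hashlib.sha256(os.urandom(16) + t_x).digest() for uid in PARENT}
    index = {f(k1, uid): senc(k2, key) for uid, key in keys.items()}  # I[f(K_1,ID)] = c
    return k1, k2, keys, index

def key_set(uid, keys):
    """Keys handed to a user: its own plus those of every ancestor node."""
    held = []
    while uid is not None:
        held.append(keys[uid])
        uid = PARENT[uid]
    return held

def server_search(index, trapdoors):
    """Server side: return c(i) wherever I[e(i)] is not empty; IDs and keys stay hidden."""
    return [index[e] for e in trapdoors if e in index]

def distribute(k1, k2, index, authorized, message):
    """Distribution center: trapdoors -> c(i) -> K(i) -> ESK(i), plus EM."""
    trapdoors = [f(k1, uid) for uid in authorized]
    bk = [sdec(k2, c) for c in server_search(index, trapdoors)]
    sk = os.urandom(32)                      # temporary session key SK
    return [senc(k, sk) for k in bk], senc(sk, message)

def receive(held_keys, esks, em):
    """User end: try each held key on each ESK(i); the MAC tag tells which one fits."""
    for k in held_keys:
        for esk in esks:
            sk = sdec(k, esk)
            if sk is not None:
                return sdec(sk, em)
    return None

if __name__ == "__main__":
    k1, k2, keys, index = setup()
    esks, em = distribute(k1, k2, index, ["EU-Sales", "unknown-id"], b"Q3 plan")
    for uid in PARENT:
        print(uid, receive(key_set(uid, keys), esks, em))
```

Addressing the node EU-Sales lets alice and bob (who hold that node's key) decrypt, while carol and HQ cannot; the unknown identifier yields no ESK because its trapdoor matches no index entry.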
The invention also discloses a hierarchical key management and data security distribution system for the hierarchical key management and data security distribution method provided by the first aspect, which mainly comprises two kinds of entities; the data center comprises a key generation center, a distribution center and a server, wherein:
the key generation center is used for generating, for the tree-type user organization structure, the user keys
Figure BDA0003693518800000092
the public-private key pairs
Figure BDA0003693518800000093
the key K_1 and the key K_2;
the server is used for storing the user identifications
Figure BDA0003693518800000094
and the corresponding user-key encrypted data
Figure BDA0003693518800000095
the distribution center is used for executing the key distribution and data distribution steps, encrypting and transmitting the user key set to the user ends of all users, and encrypting and transmitting the data M to the user ends of authorized users.
In one embodiment, the server is further configured to store in plaintext the lookup table T generated from the public keys
Figure BDA0003693518800000096
and the user identifications
Figure BDA0003693518800000097
so that the distribution center can use an authorized user identification
Figure BDA0003693518800000098
to query the server's lookup table T and obtain, for the corresponding user identification
Figure BDA0003693518800000099
its public key
Figure BDA00036935188000000910
At the user end, the invention designs a user organization structure with hierarchy. The user organization architecture can be divided into several layers according to actual conditions. For example, for a large enterprise, the enterprise may be divided into a global headquarters, a regional headquarters, a department, an employee, and so on. In the present invention, the key generation center needs to generate a key for each user in each layer. Specifically, for a user of the first layer, the key generated for it is
Figure BDA00036935188000000911
Generate a key of
Figure BDA00036935188000000912
For its d-th (last) layer user, the generated key is
Figure BDA00036935188000000913
where d represents the number of user organization layers and t_j represents the number of users at layer j. In addition, the user at each layer obtains not only the key belonging to that user, but also the key owned by the user's parent node. For example, for the first user in three layers, the key he has is
Figure BDA0003693518800000101
For a piece of data M, when the data M is distributed, the distribution center in the data center needs to generate a session key SK and select the keys of some authorized users. The session key is used to encrypt the message M and the user key is used to encrypt the session key SK. Which authorized users can decrypt depends on which user key is selected. For example, if
Figure BDA0003693518800000102
is used to encrypt the session key SK, then all users who hold the key
Figure BDA0003693518800000103
(all child nodes below this node) can decrypt it; if
Figure BDA0003693518800000104
is used to encrypt the session key SK, then only the one user (leaf node) who holds
Figure BDA0003693518800000105
can decrypt the session key. In some other applications there may be more levels of users, and the method described above can be used to generate keys for the users at each level
Figure BDA0003693518800000106
where j represents the jth level and i represents the ith user of a given level.
On the data center side, the key generation center of the data center is responsible for generating a corresponding user key for each user
Figure BDA0003693518800000107
The key generation center first generates for each user a random number of lambda-bit length
Figure BDA0003693518800000108
and a timestamp T_x based on the system time. From the corresponding random number
Figure BDA0003693518800000109
and the timestamp T_x, the key generation center can calculate the corresponding private key for each user
Figure BDA00036935188000001010
where H represents a hash function and | represents the concatenation of two strings. At key distribution time, the distribution center distributes the user key to each user separately. The distribution center then stores each user identification
Figure BDA00036935188000001011
together with the corresponding key
Figure BDA00036935188000001012
as one record in table S. Thereafter, the distribution center stores the table S on the data server using searchable encryption. When the distribution center needs to encrypt and distribute data, it first uses searchable encryption to search the encrypted table S' on the storage server for the identification of the corresponding authorized user, and the key corresponding to that user's identification is returned. This user key is then decrypted and returned to the distribution center. At each data distribution, the distribution center generates a temporary session key SK for encrypting the data M. The session key is then encrypted separately under the user key of each authorized user.
Before data distribution begins, communication is required between the distribution center and the user: the distribution center distributes the user key set to each user. Each user has a public-private key pair
Figure BDA00036935188000001013
Figure BDA00036935188000001014
The distribution center can use the user's public key to encrypt the key set
Figure BDA00036935188000001015
and transmit it to the user. The user decrypts with the private key to obtain
Figure BDA00036935188000001016
The above detailed description is made on the hierarchical key management and data security distribution method and system provided by the present invention, and a specific example is applied in this embodiment to explain the principle and the implementation of the present invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined in this embodiment may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A hierarchical key management and data security distribution method, characterized by comprising a key storage and distribution step and a data distribution step:
the key storage and distribution step comprises:
constructing a tree-type user organization structure, wherein one node in the tree corresponds to one user identifier
Figure FDA0003693518790000011
which denotes the ith user identifier of the jth layer; for the user identifier
Figure FDA0003693518790000012
generating the corresponding user key
Figure FDA0003693518790000013
and public-private key pair
Figure FDA0003693518790000014
pre-storing the user identification
Figure FDA0003693518790000015
and the corresponding user-key encrypted data
Figure FDA0003693518790000016
in the server, wherein the user-key encrypted data
Figure FDA0003693518790000017
has an index relationship, under the key K_1, with the user identification
Figure FDA0003693518790000018
and the user-key encrypted data
Figure FDA0003693518790000019
comprises the user key encrypted with the key K_2;
using the public keys
Figure FDA00036935187900000110
to encrypt the user key set and transmit it to the user ends of all users; the user key set comprises the user key of the current user
Figure FDA00036935187900000111
and the user keys of all its ancestor nodes, the user using the corresponding private key
Figure FDA00036935187900000112
to decrypt;
the data distribution step comprises:
using the key K_1 to generate a trapdoor for each authorized user identification
Figure FDA00036935187900000113
and searching the server for the same user identification
Figure FDA00036935187900000114
and its corresponding user-key encrypted data
Figure FDA00036935187900000115
using the key K_2 to decrypt the user-key encrypted data
Figure FDA00036935187900000116
to obtain the key of the authorized user
Figure FDA00036935187900000117
and encrypting the data M with a session key SK and transmitting it to the user end of the authorized user, wherein the session key SK is encrypted with the authorized user's key.
2. The hierarchical key management and data security distribution method according to claim 1, wherein the step of generating the user key
Figure FDA00036935187900000118
comprises: generating for each user a random number of lambda-bit length
Figure FDA00036935187900000119
and a timestamp T_x; calculating the user key of each user
Figure FDA00036935187900000120
Figure FDA00036935187900000121
where H represents a hash function and | represents the concatenation of two strings.
3. The hierarchical key management and data security distribution method according to claim 1, wherein the step of pre-storing the user identification
Figure FDA00036935187900000122
and the corresponding user-key encrypted data
Figure FDA00036935187900000123
in the server comprises:
using the key K_2 to encrypt the user key:
Figure FDA00036935187900000124
generating an index table I of size n and initializing it to null, selecting the key K_1, and populating the index table as follows:
Figure FDA00036935187900000125
sending S = (I, c) to the server for storage, where
Figure FDA00036935187900000126
4. The hierarchical key management and data security distribution method of claim 1, wherein the key K_1 and the key K_2 are symmetric keys, and the algorithm that uses the key K_1 to encrypt the user identification
Figure FDA0003693518790000021
and the algorithm that uses the key K_2 to encrypt the user key are both symmetric encryption algorithms.
5. The hierarchical key management and data security distribution method according to claim 1, wherein the key storage and distribution step further comprises: using the public keys
Figure FDA0003693518790000022
and the user identifications
Figure FDA0003693518790000023
to generate a lookup table T and storing the lookup table T in the server in plaintext form; using each user identification
Figure FDA0003693518790000024
to query the server's lookup table T and obtain, for the corresponding user identification
Figure FDA0003693518790000025
its public key
Figure FDA0003693518790000026
the user ends of all users, after receiving the user key set encrypted with the public key
Figure FDA0003693518790000027
use the private key
Figure FDA0003693518790000028
to decrypt it and obtain the user key set.
6. The hierarchical key management and data security distribution method according to claim 3, wherein the step of using the key K_1 to generate a trapdoor for each authorized user identification
Figure FDA0003693518790000029
and searching the server for the same user identification
Figure FDA00036935187900000210
and its corresponding user-key encrypted data
Figure FDA00036935187900000211
comprises:
using the key K_1, generating the corresponding authorized-user trapdoor as follows:
e = (e(1), ..., e(i), ..., e(w))
= (f(K_1, ID(1)), ..., f(K_1, ID(i)), ..., f(K_1, ID(w)))
where f(K_1, ID(i)) is a pseudo-random permutation keyed by K_1, the set of identities of authorized users is UT = {ID(1), ..., ID(i), ..., ID(w)}, w is the number of authorized users, and ID(i) represents the user identity of an authorized user;
the server searches according to the trapdoors as follows:
if I[e(i)] ≠ ⊥, the server returns the corresponding c(i).
7. The hierarchical key management and data security distribution method according to claim 1, further comprising a data decryption step at a user side:
after receiving the distributed data, the authorized user side decrypts the data by using the held user key set to obtain a session key SK;
the encrypted message is decrypted using the session key SK to obtain the original data M.
8. The hierarchical key management and data security distribution method of claim 5, wherein the public-private key pair
Figure FDA00036935187900000212
is distributed directly to the user end through a secure channel.
9. A hierarchical key management and data security distribution system for the hierarchical key management and data security distribution method according to any one of claims 1 to 8, comprising a key generation center, a distribution center, a server and a user side; wherein:
the key generation center is used for generating, for the tree-type user organization structure, the user keys
Figure FDA0003693518790000031
the public-private key pairs
Figure FDA0003693518790000032
the key K_1 and the key K_2;
the server is used for storing the user identifications
Figure FDA0003693518790000033
and the corresponding user-key encrypted data
Figure FDA0003693518790000034
the distribution center is used for executing the key distribution and data distribution steps, encrypting and transmitting the user key set to the user sides of all users, and encrypting and transmitting the data M to the user sides of authorized users.
10. The hierarchical key management and secure data distribution system according to claim 9, wherein the server is further configured to store in plaintext the lookup table T generated from the public keys
Figure FDA0003693518790000035
and the user identifications
Figure FDA0003693518790000036
so that the distribution center can use an authorized user identification
Figure FDA0003693518790000037
to query the server's lookup table T and obtain, for the corresponding user identification
Figure FDA0003693518790000038
its public key
Figure FDA0003693518790000039
CN202210671838.8A 2022-06-14 2022-06-14 Hierarchical key management and data security distribution method and system Pending CN114938274A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210671838.8A CN114938274A (en) 2022-06-14 2022-06-14 Hierarchical key management and data security distribution method and system


Publications (1)

Publication Number Publication Date
CN114938274A true CN114938274A (en) 2022-08-23

Family

ID=82866846

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210671838.8A Pending CN114938274A (en) 2022-06-14 2022-06-14 Hierarchical key management and data security distribution method and system

Country Status (1)

Country Link
CN (1) CN114938274A (en)


Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978774A (en) * 2022-07-28 2022-08-30 四川九洲空管科技有限责任公司 Multi-level key management method based on nested protection structure
CN114978774B (en) * 2022-07-28 2022-10-04 四川九洲空管科技有限责任公司 Multi-level key management method based on nested protection structure


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination