CN115001673A - Key processing method, device and system based on unified multi-domain identifier - Google Patents

Publication number: CN115001673A
Authority: CN (China)
Application number: CN202210594925.8A
Other languages: Chinese (zh)
Inventors: 孔雪曼, 薛梦阳
Current Assignee: Li Yifa
Original Assignee: Individual
Legal status: Pending
Prior art keywords: terminal, domain, public key, key, factor

Classifications

    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • G16Y40/50: Safety; Security of things, users, data or systems
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/0877: Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The embodiments of the disclosure provide a key processing method, device and system based on a unified multi-domain identifier, and belong to the technical field of information security. In the system, the RKMC is used for generating the domain private key of a DKMC and sending the domain private key to the corresponding DKMC; the IBPK architecture includes the DKMC and all nodes within the domain it manages. The embodiments of the disclosure are suitable for key processing for nodes across the whole domain.

Description

Key processing method, device and system based on unified multi-domain identifier
Technical Field
The embodiment of the disclosure relates to the technical field of information security, in particular to a key processing method, device and system based on unified multi-domain identification.
Background
With the rapid development of information and network communication technologies, and especially of the internet of things, the information security problem has become more and more prominent. In the internet era, a series of new cryptographic algorithms and corresponding information security solutions were proposed to address it. For example, since 1976 a series of new cryptographic algorithms with different roles have appeared, such as the symmetric Data Encryption Algorithm (DEA), the Diffie-Hellman key agreement protocol, the RSA asymmetric encryption algorithm, the RSA digital signature algorithm, and the MD5 hash algorithm. In asymmetric cryptography (also called public key cryptography), a variety of public key encryption and digital signature algorithms, such as the ElGamal algorithm and Elliptic Curve Cryptography (ECC) over finite fields, gradually appeared later. Because public key algorithms can be used for remote authentication and encryption over the internet, these techniques have been widely used in the internet era.
However, when an asymmetric algorithm is used for encryption and authentication, it is first necessary to ensure that a public key is genuine and valid. For this purpose the Public Key Infrastructure (PKI) approach was proposed internationally: for the assertion "$K_A$ is a valid public key of user A", a Certificate Authority (CA) issues a verifiable certificate (signed by the CA) to guarantee that the assertion is correct. In the PKI/CA architecture, multiple layers of CA organizations are required to provide certificate services to a large number of users, including application for, issuance and management of public key certificates, support for certificate verification, and the like. This not only requires network connectivity and bandwidth, but the construction, operation and maintenance costs of a CA are also very high, which greatly limits the application and popularization of PKI. Identity-Based Cryptosystems (IBC) were therefore proposed by the cryptologist Shamir in 1984. IBC "binds" the user's identity with the private key of a Key Generation Center (KGC) to generate the user's private key; the user does not need a separate public key, or equivalently the user's identity can be treated as the public key, so that a public key certificate is not required. However, the IBC algorithm requires large computational resources and has a low computational speed, and is a "heavyweight" cryptographic algorithm. These limitations make IBC equally difficult to popularize and apply.
Especially in the era of the internet of things, massive numbers of internet of things terminals need to be authenticated and encrypted on the one hand, while on the other hand their computing resources are limited, cross-domain processing of keys is often required, and the processing is required to have extremely low latency. Because of their limitations, it is difficult for either the PKI/CA system or the IBC system to meet the demands of the internet of things era.
Disclosure of Invention
The embodiment of the disclosure aims to provide a key processing method, device and system based on a unified multi-domain identifier, which solves the problem that cross-domain key processing cannot be performed, achieves the advantages of a certificate system and an IBC system, avoids the limitations of the certificate system and the IBC system, and can meet various requirements of the era of the Internet of things, in particular the requirements of light weight, global key processing, low time delay and the like.
In order to achieve the above object, a first aspect of the embodiments of the present disclosure provides a key processing system based on unified multi-domain identity, the system including: an Identity Map to Public Key (IMPK) architecture and an Identity Bound Public Key (IBPK) architecture, wherein the IMPK architecture includes a Root Domain Key Management Center (RKMC) and a Domain Key Management Center (DKMC) managed thereby, and the RKMC is configured to generate a Domain private Key of the DKMC and send the Domain private Key to the corresponding DKMC; the IBPK architecture includes the DKMC and all nodes within the domain it manages.
Further, the RKMC is further configured to generate a preset private key base and a preset public key base, and distribute the preset public key base to nodes of all domains, where the preset private key base is used to cooperatively generate a domain private key, and the preset public key base is used to cooperatively generate a domain public key.
Further, the DKMC is also used to cooperatively generate private keys of all nodes within a domain.
A second aspect of the embodiments of the present disclosure provides a key processing method based on a unified multi-domain identifier, where the method is applied to a first terminal, and the method includes: generating a self-selected private key factor corresponding to the first terminal identifier, and sending a key application message to a domain key management center DKMC, wherein the key application message comprises the first terminal identifier and a self-selected public key factor corresponding to the self-selected private key factor; receiving key information returned by the DKMC, wherein the key information comprises a distributed private key factor corresponding to the first terminal identifier and generated cooperatively from a domain private key of the DKMC and the self-selected public key factor; and obtaining a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distributed private key factor.
Further, the obtaining a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distributed private key factor includes: obtaining the private key $sk_1$ corresponding to the first terminal identifier according to $sk_1 = (dsk_1 + usk_1) \bmod n$, where $usk_1$ is the self-selected private key factor, $dsk_1$ is the distributed private key factor, and mod n is a modulo n operation.
Further, the key information further includes accompanying public key information corresponding to the first terminal identifier, and the method further includes: and obtaining the public key of the first terminal according to the first terminal identification, the accompanying public key information and the domain public key of the DKMC.
Further, when the accompanying public key information includes an accompanying public key, the obtaining the public key of the first terminal according to the first terminal identifier, the accompanying public key information, and the domain public key of the DKMC includes: obtaining the public key $pk_1$ of the first terminal according to $pk_1 = apk_1 + h(ID_1 \| apk_1) \cdot pk_{1DKMC}$, where $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is the concatenation operator, and $pk_{1DKMC}$ is the domain public key of the DKMC.
Further, when the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the obtaining the public key of the first terminal according to the first terminal identifier, the accompanying public key information, and the domain public key of the DKMC includes: obtaining the public key $pk_1$ of the first terminal according to $pk_1 = apk_1 + h(ID_1 \| apk_1 \| ET_1) \cdot pk_{1DKMC}$, where $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is the concatenation operator, $ET_1$ is the validity period of the accompanying public key, and $pk_{1DKMC}$ is the domain public key of the DKMC.
Further, the method further comprises: taking the public key generated from the private key corresponding to the first terminal identifier as a first public key; taking the public key of the first terminal generated from the first terminal identifier, the accompanying public key information and the domain public key of the DKMC as a second public key; judging whether the first public key and the second public key are equal; when the first public key is equal to the second public key, determining that the public and private key pair corresponding to the first terminal identifier is correct; and when the first public key and the second public key are not equal, determining that the distribution private key factor and the accompanying public key information were distributed incorrectly.
Further, the method also comprises the following steps, in which the first terminal authenticates signature data sent by a second terminal: receiving signature data sent by the second terminal, wherein the signature data comprises the first terminal identifier, data to be verified, a signature value, a second terminal identifier and accompanying public key information of the second terminal; determining a domain public key of the domain where the second terminal is located according to the domain identifier in the second terminal identifier; obtaining a public key of the second terminal according to the second terminal identifier, the accompanying public key information and the domain public key of the domain where the second terminal is located; and verifying the signature value by using the public key of the second terminal and the data to be verified to obtain an authentication result of the signature data.
Further, the determining, according to the domain identifier in the second terminal identifier, the domain public key of the domain in which the second terminal is located includes: judging whether the domain identifier in the first terminal identifier is the same as the domain identifier in the second terminal identifier; when the domain identifications of the second terminal and the first terminal are the same, determining that the domain where the second terminal is located is the same as the domain where the first terminal is located, and determining the domain public key of the domain where the first terminal is located as the domain public key of the domain where the second terminal is located; and when the domain identifications of the second terminal and the first terminal are different, determining that the domain where the second terminal is located is different from the domain where the first terminal is located, and obtaining the domain public key of the domain where the second terminal is located according to a preset public key base and the domain identification in the second terminal identification.
Further, the obtaining the domain public key of the domain where the second terminal is located according to the preset public key base and the domain identifier in the second terminal identifier includes: selecting a set number factor of the hash value of the domain identifier in the second terminal identifier, and dividing the set number factor into preset segments; looking up a selection factor in the preset public key base by using the set low-order digits in each preset segment, and taking the remaining digits in each preset segment as the selection factor coefficient corresponding to the selection factor; and obtaining the domain public key $pk_{2DKMC}$ of the domain where the second terminal is located according to
Figure BDA0003667299670000051
where $ID_{2DKMC}$ is the domain identifier in the second terminal identifier, h() is a hash function,
Figure BDA0003667299670000052
is a query function, $bpk_j$ is the j-th selection factor, $\lambda_j$ is the j-th selection factor coefficient, and k is the number of selection factors.
Further, when the accompanying public key information includes an accompanying public key, the obtaining the public key of the second terminal according to the second terminal identifier, the accompanying public key information, and the domain public key includes: obtaining the public key $pk_2$ of the second terminal according to $pk_2 = apk_2 + h(ID_2 \| apk_2) \cdot pk_{2DKMC}$, where $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is the concatenation operator, and $pk_{2DKMC}$ is the domain public key of the domain in which the second terminal is located.
Further, when the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the obtaining the public key of the second terminal according to the second terminal identifier, the accompanying public key information, and the domain public key includes: obtaining the public key $pk_2$ of the second terminal according to $pk_2 = apk_2 + h(ID_2 \| apk_2 \| ET_2) \cdot pk_{2DKMC}$, where $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is the concatenation operator, $ET_2$ is the validity period of the accompanying public key, and $pk_{2DKMC}$ is the domain public key of the domain in which the second terminal is located.
A third aspect of the embodiments of the present disclosure provides a key processing method based on a unified multi-domain identifier, where the method is applied to a DKMC, and the method includes: when a key application message sent by a first terminal is received, generating a hidden private key factor, wherein the key application message comprises a first terminal identifier and a self-selected public key factor; obtaining a distribution private key factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the self-selected public key factor and the domain private key of the DKMC; and sending key information including the distribution private key factor to the first terminal so that the first terminal obtains a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distribution private key factor.
Further, the obtaining, according to the first terminal identifier, the hidden private key factor, the optional public key factor, and the domain private key of the DKMC, a distributed private key factor corresponding to the first terminal identifier includes: acquiring accompanying public key information corresponding to the first terminal identification according to the hidden private key factor and the self-selected public key factor; and obtaining a distribution private key factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the accompanying public key information and the domain private key of the DKMC.
Further, the obtaining the accompanying public key information corresponding to the first terminal identifier according to the hidden private key factor and the self-selected public key factor includes: obtaining the hidden public key factor $hpk_1$ corresponding to the hidden private key factor $hsk_1$ according to $hpk_1 = hsk_1 \cdot G$; obtaining the accompanying public key $apk_1$ corresponding to the first terminal identifier according to $apk_1 = hpk_1 + upk_1$, and generating a validity period of the accompanying public key, where $upk_1$ is the self-selected public key factor; and taking the accompanying public key corresponding to the first terminal identifier and the validity period of the accompanying public key as the accompanying public key information corresponding to the first terminal identifier.
Further, the obtaining, according to the first terminal identifier, the hidden private key factor, the accompanying public key information, and the domain private key of the DKMC, a distributed private key factor corresponding to the first terminal identifier includes: obtaining the distribution private key factor $dsk_1$ corresponding to the first terminal identifier according to $dsk_1 = hsk_1 + h(ID_1 \| apk_1 \| {*}ET_1) \cdot sk_{1DKMC}$, where h() is a hash function, "||" is the concatenation operator, $ID_1$ is the first terminal identifier, $ET_1$ is the validity period of the accompanying public key, "*" indicates that the content following it is an optional factor, and $sk_{1DKMC}$ is the domain private key of the DKMC.
Further, the key information further includes accompanying public key information corresponding to the first terminal identifier.
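The issuance exchange defined by the second and third aspects above (self-selected factor, hidden factor, distribution private key factor, public key reconstruction and the terminal's equality check), written out as an added example that is not part of the patent text. The curve (secp256k1), SHA-256 as h(), the length-prefixed encoding of "||", the sample identifier and validity period, and all function names are assumptions.

```python
"""Added example: one IBPK key issuance between a terminal and its DKMC.

Assumptions (not from the patent): secp256k1 as the curve, SHA-256 as h(),
length-prefixed encoding for "||", and every function name below.
"""
import hashlib
import secrets

# secp256k1 domain parameters (assumed; the page also allows SM2 and others).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(p1, p2):
    """Add two affine points; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc = None
    k %= N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def h(ident, apk, et=b""):
    """h(ID || apk || *ET) as an integer mod n; ET (validity period) is optional."""
    digest = hashlib.sha256()
    apk_bytes = apk[0].to_bytes(32, "big") + apk[1].to_bytes(32, "big")
    for field in (ident, apk_bytes, et):
        digest.update(len(field).to_bytes(4, "big") + field)
    return int.from_bytes(digest.digest(), "big") % N


def terminal_request():
    """Terminal: choose usk and send upk = usk*G in the key application message."""
    usk = secrets.randbelow(N - 1) + 1
    return usk, mul(usk, G)


def dkmc_issue(ident, upk, sk_dkmc, et=b""):
    """DKMC: hpk = hsk*G, apk = hpk + upk, dsk = hsk + h(ID||apk||ET)*sk_DKMC."""
    hsk = secrets.randbelow(N - 1) + 1
    apk = add(mul(hsk, G), upk)
    dsk = (hsk + h(ident, apk, et) * sk_dkmc) % N
    return dsk, apk


def derive_public(ident, apk, pk_dkmc, et=b""):
    """Any verifier: pk = apk + h(ID || apk || ET) * pk_DKMC."""
    return add(apk, mul(h(ident, apk, et), pk_dkmc))


def terminal_finish(ident, usk, dsk, apk, pk_dkmc, et=b""):
    """Terminal: sk = (dsk + usk) mod n, then compare sk*G with the derived pk."""
    sk = (dsk + usk) % N
    if mul(sk, G) != derive_public(ident, apk, pk_dkmc, et):
        raise ValueError("distribution private key factor or accompanying public key is wrong")
    return sk


def demo():
    """Run one issuance on constructed sample values and return the results."""
    sk_dkmc = secrets.randbelow(N - 1) + 1       # domain private key of the DKMC
    pk_dkmc = mul(sk_dkmc, G)                    # domain public key of the DKMC
    ident, et = b"domainA/terminal-001", b"2030-01-01"   # constructed values
    usk, upk = terminal_request()
    dsk, apk = dkmc_issue(ident, upk, sk_dkmc, et)
    sk = terminal_finish(ident, usk, dsk, apk, pk_dkmc, et)
    pk = derive_public(ident, apk, pk_dkmc, et)
    return sk, pk, (ident, usk, dsk, apk, pk_dkmc, et)
```

Because the DKMC only receives upk, the value dsk it computes differs from the final private key sk by the terminal's usk, and a verifier that is given a different validity period reconstructs a different public key.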
A fourth aspect of the embodiments of the present disclosure provides a key processing apparatus based on a unified multi-domain identifier, where the apparatus is applied to a first terminal, and the apparatus includes: a self-selection factor generation module, used for generating a self-selected private key factor corresponding to the first terminal identifier; a communication module, used for sending a key application message to the DKMC, wherein the key application message comprises the first terminal identifier and a self-selected public key factor corresponding to the self-selected private key factor; the communication module is further configured to receive key information returned by the DKMC, where the key information includes a distribution private key factor corresponding to the first terminal identifier, generated cooperatively from a domain private key of the DKMC and the self-selected public key factor; and a private key generation module, used for obtaining a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distribution private key factor.
A fifth aspect of the embodiments of the present disclosure provides a key processing apparatus based on a unified multi-domain identifier, where the apparatus is applied to a DKMC, and the apparatus includes: a communication module, used for receiving a key application message sent by a first terminal, wherein the key application message comprises a first terminal identifier and a self-selected public key factor; a factor generation module, used for generating a hidden private key factor; a distribution factor generation module, configured to obtain, according to the first terminal identifier, the hidden private key factor, the self-selected public key factor, and the domain private key of the DKMC, a distribution private key factor corresponding to the first terminal identifier; the communication module is further configured to send key information including the distribution private key factor to the first terminal, so that the first terminal obtains a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distribution private key factor.
A sixth aspect of the embodiments of the present disclosure provides a machine-readable storage medium having stored thereon instructions for causing a machine to execute the unified multi-domain identifier-based key processing method applied to the first terminal and/or the unified multi-domain identifier-based key processing method applied to the DKMC as described in the above embodiments.
The key processing system based on a unified multi-domain identifier provides a two-layer architecture consisting of an IMPK architecture and an IBPK architecture, wherein the IMPK architecture comprises an RKMC and the DKMCs managed by the RKMC, and the RKMC is used for generating the domain private key of a DKMC and sending the domain private key to the corresponding DKMC; the IBPK architecture includes the DKMC and all nodes within the domain it manages. The embodiments of the disclosure solve the problem that cross-domain key processing cannot be performed, achieve the advantages of a certificate system and an IBC system while avoiding their limitations, and can meet various requirements of the internet of things era, especially the requirements of light weight, global key processing, low time delay and the like.
Additional features and advantages of embodiments of the present disclosure will be described in detail in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the detailed description serve to explain the embodiments of the disclosure, but are not intended to limit the embodiments of the disclosure. In the drawings:
fig. 1 is a schematic architecture diagram of a key processing system based on unified multi-domain identifier according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of a key processing method based on unified multi-domain identifier according to an embodiment of the present disclosure;
fig. 3 is a flowchart illustrating a process of authenticating signature data of a second terminal by a first terminal according to an embodiment of the present disclosure;
fig. 4 is a schematic flowchart of another key processing method based on unified multi-domain identifier according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a key processing apparatus based on unified multi-domain identifier according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of another key processing apparatus based on unified multi-domain identification according to an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings. It is to be understood that the described embodiments are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the disclosure without any inventive step, are also within the scope of protection of the disclosure.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the presently disclosed subject matter belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the specification and the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Since public key encryption and authentication technology are basic technologies of identity authentication and data encryption in network security, the public key encryption and authentication technology is indispensable in the era of internet of things. However, the number of entities or terminals that need to perform key processing is dramatically increased due to the arrival of the internet of things, and it is difficult for the conventional PKI/CA scheme to adapt to key processing of a large number of entities, especially to key processing across domains. Therefore, the embodiment of the present disclosure provides a key processing method based on a unified multi-domain identifier, so that the key processing method not only has the advantages of a certificate system and an IBC system, but also avoids the limitations thereof, and can meet various requirements in the era of the internet of things, in particular, requirements of lightweight, global key processing, cross-domain key processing, low time delay, and the like.
The disclosed embodiments are based on an ECC public key algorithm, an ElGamal public key algorithm, etc., including but not limited to the national commercial cipher standard algorithm SM2. For the ECC public key algorithm, let the base field be $F_q$, let $E_q$ be an additive cyclic group of order n formed by the points of an elliptic curve over the finite field $F_q$, and let G be a generator of it, i.e. $E_q = \langle G \rangle$.
Example one
In a first embodiment of the present disclosure, as shown in fig. 1, a Key processing system based on unified multi-domain Identity is provided, which includes an Identity Map to Public Key (IMPK) architecture 11 and an Identity Bound Public Key (IBPK) architecture 12. The IMPK architecture 11 includes a Root Key Management Center (RKMC) 111 and a Domain Key Management Center (DKMC) 112 managed by the Root Key Management Center, where the RKMC 111 is configured to generate a Domain private Key of the DKMC 112 and send the Domain private Key to the corresponding DKMC 112; the IBPK architecture 12 includes the DKMC 112 and all nodes 121 within the domain it manages.
The RKMC is further used for randomly generating a preset private key base and a preset public key base and distributing the preset public key base to the nodes of all domains, wherein the preset private key base is used for cooperatively generating a domain private key, and the preset public key base is used for cooperatively generating a domain public key. The preset public key base contains r public keys, denoted $BPK = \{bpk_1, \ldots, bpk_r\}$. The preset private key base (abbreviated as BSK) corresponding to BPK is denoted $BSK = \{bsk_1, \ldots, bsk_r\}$. Moreover, $bsk_i$ and $bpk_i$ form a key pair, i.e. $bpk_i = bsk_i \cdot G$. The RKMC is the core of the whole system and the preset private key base is a core sensitive parameter: its whole life cycle, including generation, storage, use and destruction, takes place inside the security device of the RKMC, and any external access is forbidden. In addition to distributing the domain private key of each DKMC, the RKMC is responsible for updating the domain private key and the domain identifier of each DKMC. The preset public key base is a public system parameter, is stored in each node, and, like the elliptic curve used, can be regarded as a basic parameter in the embodiments of the disclosure.
The DKMC is further used for cooperatively generating the private keys of all nodes in its domain. In addition, the DKMC is responsible for generating and distributing the private key distribution factors of all nodes in the domain, cooperatively updating the private keys of the nodes, and performing revocation management on the unified multi-domain identifiers of the nodes.
In addition, there is an edge gateway (not shown) between the DKMC and the nodes it manages to control the communication mechanism of the nodes the DKMC manages.
Wherein the RKMC represents a root domain and 1 to n DKMCs represent several different subdomains. The concept of a domain in the embodiment of the present disclosure is widely applicable. Taking a public security department as an example, all nodes governed by the public security department form a whole domain, and the public security department is the RKMC of the whole domain. Each provincial department and each unit directly under the public security department forms a sub-domain and is a DKMC under the management of the RKMC, and each node under the management of a DKMC refers to any subject, equipment and the like that needs authentication.
Example two
Fig. 2 is a schematic flowchart of a key processing method based on unified multi-domain identifier according to an embodiment of the present disclosure. As shown in fig. 2, the method applied to a first terminal, that is, a node under management of a certain DKMC, includes the following steps:
step 201, generating a self-selected private key factor corresponding to the first terminal identifier, and sending a key application message to the DKMC to which the first terminal identifier belongs, wherein the key application message includes the first terminal identifier and a self-selected public key factor corresponding to the self-selected private key factor;
step 202, receiving key information returned by the DKMC, wherein the key information comprises a distributed private key factor corresponding to the first terminal identifier generated by using the domain private key of the DKMC and the optional public key factor in a cooperative manner;
step 203, obtaining a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distributed private key factor.
In the Unified Multi-domain Identity (UMI) proposed in the embodiment of the present disclosure, each different identifier may have its own public and private key pair. A UMI comprises at least two sections: the front section is a domain identifier, and the rear section is the identifier of a node (a user, a device and the like) within the domain. Since the root domain also occupies a domain identifier, if the domain identifier has a length of k, the universe may contain $2^k - 1$ subdomains. If the length of the node identifier within the domain is l, the number of entities in the domain can reach $2^l - 1$, so that the identifier length of each node of the universe is k + l.
The first terminal randomly generates a self-selected private key factor $usk_1$ corresponding to the first terminal identifier. In addition, when the self-selected private key factor is generated, the self-selected public key factor $upk_1$ corresponding to it can be obtained by using the elliptic curve base point and the self-selected private key factor, i.e. $upk_1 = usk_1 \cdot G$. Then, in order to apply for a private key, the first terminal sends a key application message, which includes the first terminal identifier and the self-selected public key factor corresponding to the self-selected private key factor, to the DKMC to which the identifier belongs.
After receiving the key information returned by the DKMC, the first terminal generates a private key by using the distributed private key factor and the self-selected private key factor. Specifically, the private key $sk_1$ corresponding to the first terminal identifier is obtained according to the following formula (1):
$sk_1 = (dsk_1 + usk_1) \bmod n$    formula (1)
Wherein $usk_1$ is the self-selected private key factor, $dsk_1$ is the distributed private key factor, and mod n is the modulo n operation. The private key corresponding to the first terminal identifier can be used in the data signature process.
In addition, the key information further includes accompanying public key information corresponding to the first terminal identifier, and the first terminal can obtain the public key of the first terminal according to the first terminal identifier, the accompanying public key information, and the domain public key of the DKMC.
Specifically, when the accompanying public key information includes an accompanying public key, the public key $pk_1$ of the first terminal is obtained according to the following formula (2):
$pk_1 = apk_1 + h(ID_1 \| apk_1) \cdot pk_{1DKMC}$    formula (2)
Wherein $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is a connector, and $pk_{1DKMC}$ is the domain public key of the DKMC.
When the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the public key $pk_1$ of the first terminal is obtained according to the following formula (3):
$pk_1 = apk_1 + h(ID_1 \| apk_1 \| ET_1) \cdot pk_{1DKMC}$    formula (3)
Wherein $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is a connector, $ET_1$ is the validity period of the accompanying public key, and $pk_{1DKMC}$ is the domain public key of the DKMC.
Wherein, since the first terminal belongs to the domain of the DKMC, the domain public key of the DKMC is needed when calculating the public key of the first terminal. The domain public key of the DKMC may be obtained by:
selecting a set number factor of the hash value of the domain identifier in the first terminal identifier, dividing the set number factor into preset segments, searching for a selection factor in the preset public key base by using the set low-order bits in each preset segment, taking the remaining bits in each preset segment as the selection factor coefficient corresponding to the selection factor, and then obtaining the domain public key $pk_{1DKMC}$ of the domain where the first terminal is located according to the following formula (4):
Figure BDA0003667299670000141
Wherein $ID_{1DKMC}$ is the domain identifier in the first terminal identifier, h() is a hash function,
Figure BDA0003667299670000142
is a query function, $bpk_j$ is the jth selection factor, $\lambda_j$ is the jth selection factor coefficient, and k is the number of selection factors.
Specifically, the hash value $h(ID_{1DKMC})$ of the domain identifier in the first terminal identifier is calculated, and a set number factor is selected from the hash value, where the set number l is 256, 160, or 128. Then, the set number factor is divided into k preset segments, where l is an integral multiple of k. Assuming that the length of each preset segment is m, l equals mk. The selection factor in the preset public key base corresponding to each preset segment is obtained by using the set low-order t bits of that segment, so that as many selection factors as there are preset segments, namely k selection factors, are obtained. The remaining bits of each preset segment, i.e. its m-t bits, are then used as the corresponding selection factor coefficient, which gives the k selection factor coefficients $\lambda_1, \lambda_2, \ldots, \lambda_k$. The domain public key $pk_{1DKMC}$ of the domain where the first terminal is located is thereby obtained according to the above formula (4). In addition, in order to adapt to the situation that the storage space of the terminal is limited, k is 4 and t is 2.
Similarly, when the first terminal acquires the identifier of another terminal, the domain public key of the domain where the other terminal is located may be calculated. Whether the other terminal and the first terminal are in the same domain or in different domains, that domain public key may be obtained through the above formula (4); only the domain identifier in the first terminal identifier needs to be replaced in formula (4) by the domain identifier in the identifier of the other terminal.
After the first terminal calculates its private key through formula (1), the public key corresponding to the first terminal identifier may be generated from that private key, that is, $pk'_1 = sk_1 \cdot G$, and this public key is used as a first public key. The public key of the first terminal generated from the first terminal identifier, the accompanying public key information, and the domain public key of the DKMC, that is, the public key $pk_1$ obtained by formula (2) or formula (3), is used as a second public key. Then, it is judged whether the first public key is equal to the second public key. When the first public key is equal to the second public key, it is determined that the public and private key pair corresponding to the first terminal identifier is correct; when the first public key and the second public key are not equal, it is determined that the distributed private key factor and the accompanying public key information were distributed incorrectly, and the DKMC needs to redistribute them.
Given that the first terminal can calculate the domain public key of the domain where another terminal is located by using the domain identifier in the identifier of that terminal, universe authentication can be realized when the first terminal acquires signature data of the other terminal; that is, public-key-based authentication, including intra-domain authentication and cross-domain authentication, can be performed between any two ends of the root domain and all sub-domains.
Fig. 3 is a schematic flowchart of an authentication process performed by the first terminal on signature data sent by the second terminal according to an embodiment of the present disclosure. As shown in fig. 3, the method comprises the following steps:
step 301, receiving signature data sent by the second terminal, where the signature data includes the first terminal identifier, data to be verified, a signature value, a second terminal identifier, and accompanying public key information of the second terminal.
The first terminal and the second terminal are two nodes in a whole domain, and when bidirectional unified strong authentication needs to be performed between the second terminal and the first terminal, namely authentication is performed by using a digital signature based on an asymmetric algorithm, taking the case that the second terminal sends signature data to the first terminal as an example, the first terminal needs to verify a signature value in the signature data by using a public key of the second terminal.
M is the data to be verified, that is, the data which is sent by the second terminal to the first terminal and needs to be verified. $S_2$ is the signature value; in the disclosed embodiment, $S_2 = Sig(sk_2, h(ID_2 \| M))$, i.e., the signature content contains the second terminal identifier $ID_2$ and the data M. The notation $Sig_\psi(sk_A, M)$ usually indicates that node A signs the message M with the signature algorithm ψ and its own private key $sk_A$. When ψ is the default algorithm, this is abbreviated as $Sig(sk_A, M)$. Since the hash value h(M) of M is what is used in the actual signature, it may also be written $Sig_\psi(sk_A, h(M))$.
In addition, $ID_2$ is the second terminal identifier. When a validity period of the accompanying public key is issued, the accompanying public key information includes the accompanying public key $apk_2$ of the second terminal and the validity period $ET_2$ of the accompanying public key. When a validity period of the accompanying public key is not issued, the accompanying public key information includes the accompanying public key $apk_2$ of the second terminal.
Step 302, determining a domain public key of the domain where the second terminal is located according to the domain identifier in the second terminal identifier.
Wherein the first terminal and the second terminal may be in the same sub-domain or in different sub-domains. Since the identifier of each terminal contains two parts, a domain identifier and an intra-domain identifier, whether the two terminals are in the same sub-domain can be determined by judging whether the domain identifier in the first terminal identifier is the same as the domain identifier in the second terminal identifier. When the domain identifiers of the second terminal and the first terminal are the same, the domain where the second terminal is located is determined to be the same as the domain where the first terminal is located, and the domain public key of the domain where the first terminal is located is determined to be the domain public key of the domain where the second terminal is located; namely, the domain public key of the second terminal is the same as that of the first terminal and is already known.
When the domain identifiers of the second terminal and the first terminal are different, it is determined that the domain where the second terminal is located is different from the domain where the first terminal is located, and the domain public key of the domain where the second terminal is located is obtained according to the preset public key base and the domain identifier in the second terminal identifier. Since each terminal locally stores the same global preset public key base $BPK = \{bpk_1, \ldots, bpk_r\}$, the locally stored preset public key base can be used in the computation.
Specifically, a set number factor of the hash value of the domain identifier in the second terminal identifier is selected, and the set number factor is divided into preset segments. First, the hash value $h(ID_{2DKMC})$ of the domain identifier in the second terminal identifier is calculated, and a set number factor is selected from it, where the set number l is typically 256, 160 or 128. Then, the set number factor is divided into k preset segments, where l is an integral multiple of k. Assuming that the length of each preset segment is m, l equals mk. The selection factor in the preset public key base corresponding to each preset segment is obtained by using the set low-order t bits of that segment, so that as many selection factors as there are preset segments, namely k selection factors, are obtained. The remaining bits of each preset segment, namely its m-t bits, are then taken as the corresponding selection factor coefficient, which gives the k selection factor coefficients $\lambda_1, \lambda_2, \ldots, \lambda_k$. Then, the domain public key $pk_{2DKMC}$ of the domain where the second terminal is located is obtained according to the following formula (5):
Figure BDA0003667299670000171
Wherein $ID_{2DKMC}$ is the domain identifier in the second terminal identifier, h() is a hash function,
Figure BDA0003667299670000172
is a query function, $bpk_j$ is the jth selection factor, $\lambda_j$ is the jth selection factor coefficient, and k is the number of selection factors, namely the number of preset segments. Similarly, in order to adapt to the situation of limited storage space of the terminal, k is 4 and t is 2.
Step 303, obtaining the public key of the second terminal according to the second terminal identifier, the accompanying public key information and the domain public key of the domain where the second terminal is located.
Through the step 202, the domain public key of the domain where the second terminal is located can be obtained whether the first terminal and the second terminal are in the same domain or in different domains.
When the accompanying public key information includes an accompanying public key $apk_2$, the public key $pk_2$ of the second terminal is obtained according to the following formula (6):
$pk_2 = apk_2 + h(ID_2 \| apk_2) \cdot pk_{2DKMC}$    formula (6)
Where "||" is a connector.
When the accompanying public key information includes an accompanying public key $apk_2$ and a validity period $ET_2$ of the accompanying public key, the public key $pk_2$ of the second terminal is obtained according to the following formula (7):
$pk_2 = apk_2 + h(ID_2 \| apk_2 \| ET_2) \cdot pk_{2DKMC}$    formula (7)
Step 304, verifying the signature value by using the public key of the second terminal and the data to be verified to obtain an authentication result of the signature data.
The first terminal can use the public key $pk_2$ of the second terminal and the data to be verified to verify the signature value $S_2$. If the verification passes, the identity of the second terminal is authenticated, and at the same time it is verified that the data M was really sent to the first terminal by the second terminal. That is to say, the authentication content in the embodiment of the present disclosure includes that the second terminal is the real source, that is, the identity of the second terminal is authenticated, and also includes that the first terminal is the destination specified by the second terminal, that is, the identity of the message receiver is authenticated; meanwhile, the integrity of the data M is also authenticated. If M includes a time value, the freshness of the data M, i.e. the real-time property of the communication, can be further authenticated.
In addition, if an encrypted service is required during authentication, it is only necessary that both parties authenticate and negotiate a session key, or that one party specifies a session key, encrypts the session key with the public key of the other party, and then places the encrypted data in M.
The authentication process of the second terminal for the signature data of the first terminal is similar to the above embodiment, and is not described here again.
The first terminal and the second terminal can perform cross-domain authentication, and the key point is that the universe has the same preset public key base, so that the first terminal and the second terminal can calculate the domain public key of the opposite domain from the preset public key base although the first terminal and the second terminal are not in the same domain, and the public key of the opposite domain can be calculated. In addition, considering that the storage space of many end nodes may be limited, and therefore the public key base should not be too large, we propose r ≦ 16.
In addition, when the first terminal needs to send encrypted data to the second terminal, the public key of the second terminal is also used to encrypt the data to be encrypted, and the public key of the second terminal is obtained through the above formula (6) or formula (7) after obtaining the accompanying public key information of the second terminal, so as to encrypt the data to be encrypted, and after the second terminal obtains the encrypted data, the private key of the second terminal is obtained through the embodiment shown in fig. 2, and the second terminal decrypts the encrypted data.
The embodiment of the disclosure is based on a lightweight cryptographic algorithm, has a wide application range, does not use a certificate, has a correspondence or binding relationship between a public key of a terminal (host or entity) and an identity thereof, is different from IBC, can realize intra-domain authentication of multiple domains, cross-domain authentication between multiple domains, and the like, and has a small authentication delay. Above the multiple domains is a root domain, which forms a universe with its sub-domains, hence the name universe authentication. The entity public key is obtained by a user (a data encryptor or a digital signature verifier) through calculation, and the calculation process needs to use the identification of a public key owner and the domain public key of the domain to which the public key belongs, so that the calculation process of the public key is the certification process of the public key, and the method is a lightweight public key management method of a light center. The method does not depend on a public key certificate (PKI CA) and is different from an identity code cryptosystem (IBC), and can effectively reduce the calculation amount brought by verifying the public key certificate and the communication amount transmitted by the certificate. The public key management system is simple, the construction and operation and maintenance costs are low, and the method is particularly suitable for scenes with limited network environment, computing resources and communication resources, including scenes of the Internet of things.
Example three
Fig. 4 is a schematic flowchart of a key processing method based on unified multi-domain identifier according to an embodiment of the present disclosure. As shown in fig. 4, the method is applied to DKMC, comprising the steps of:
step 401, when receiving a key application message sent by a first terminal, generating a hidden private key factor, where the key application message includes the first terminal identifier and a self-selected public key factor;
step 402, obtaining a private key distribution factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the optional public key factor and the domain private key of the DKMC;
step 403, sending key information including the private key distribution factor to the first terminal, so that the first terminal obtains a private key corresponding to the first terminal identifier by using the self-selected private key factor and the private key distribution factor.
When the DKMC receives a key application message sent by the first terminal, it randomly generates a hidden private key factor $hsk_1$ and then obtains the accompanying public key information corresponding to the first terminal identifier based on the hidden private key factor and the self-selected public key factor. Specifically, the masked public key factor $hpk_1$ corresponding to the hidden private key factor $hsk_1$ is obtained according to the following formula (8):
$hpk_1 = hsk_1 \cdot G$    formula (8)
Then, the accompanying public key $apk_1$ corresponding to the first terminal identifier is obtained according to the following formula (9):
$apk_1 = hpk_1 + upk_1$    formula (9)
Wherein $upk_1$ is the self-selected public key factor. The validity period $ET_1$ of the accompanying public key is generated. The accompanying public key corresponding to the first terminal identifier and the validity period of the accompanying public key are taken as the accompanying public key information corresponding to the first terminal identifier.
Then, the distributed private key factor corresponding to the first terminal identifier is obtained according to the first terminal identifier, the hidden private key factor, the accompanying public key information and the domain private key of the DKMC. Specifically, the distributed private key factor $dsk_1$ corresponding to the first terminal identifier is obtained according to the following formula (10):
$dsk_1 = hsk_1 + h(ID_1 \| apk_1 \| {*}ET_1) \cdot sk_{1DKMC}$    formula (10)
Where h() is a hash function, "||" is a connector, $ID_1$ is the first terminal identifier, $ET_1$ is the validity period of the accompanying public key, "*" indicates that the content following it is an optional factor, and $sk_{1DKMC}$ is the domain private key of the DKMC.
In addition, while sending the distribution private key factor to the first terminal, accompanying public key information corresponding to the first terminal identifier may also be included in the key information.
In addition, the domain private key of the DKMC is generated by the RKMC; the generation process is similar to the generation process of the domain public key, except that the preset public key base is replaced by the preset private key base.
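The issuance flow of Example two (terminal side) and Example three (DKMC side), including the first-public-key versus second-public-key self-check, as an added Python example that is not part of the patent text. It assumes secp256k1, SHA-256 with length-prefixed fields for h(), and, because formulas (4) and (5) are not reproduced on this page, that the domain key is the sum of the selected base entries weighted by their coefficients; all function names and sample identifiers are hypothetical.

```python
import hashlib
import secrets

# Assumption: secp256k1 domain parameters; the page only refers to "the elliptic curve used".
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
L_BITS, K, T = 256, 4, 2      # l, k and t as given on the page
M_BITS = L_BITS // K          # m = l / k bits per preset segment


def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        s = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        s = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (s * s - x1 - x2) % P
    return (x3, (s * (x1 - x3) - y1) % P)


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time, illustration only)."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc


def h(*fields):
    """h(a || b || ...) as a scalar. Assumptions: SHA-256, length-prefixed fields."""
    d = hashlib.sha256()
    for f in fields:
        d.update(len(f).to_bytes(2, "big") + f)
    return int.from_bytes(d.digest(), "big") % N


def enc(pt):
    """Fixed-width encoding of a point for hashing (assumed encoding)."""
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def select(domain_id):
    """Query step: per segment, low t bits index the base, the other m-t bits are lambda_j."""
    digest = int.from_bytes(hashlib.sha256(domain_id).digest(), "big")
    segs = [(digest >> (j * M_BITS)) & ((1 << M_BITS) - 1) for j in range(K)]
    return [(s & ((1 << T) - 1), s >> T) for s in segs]


def domain_private_key(bsk, domain_id):
    """RKMC side. Assumed combination: sum of lambda_j * bsk_j mod n."""
    return sum(lam * bsk[i] for i, lam in select(domain_id)) % N


def domain_public_key(bpk, domain_id):
    """Any node, own or foreign domain. Assumed combination: sum of lambda_j * bpk_j."""
    acc = None
    for i, lam in select(domain_id):
        acc = add(acc, mul(lam, bpk[i]))
    return acc


def dkmc_issue(node_id, upk, sk_dkmc, et=b""):
    """DKMC side, formulas (8)-(10): returns (dsk, apk)."""
    hsk = secrets.randbelow(N - 1) + 1
    apk = add(mul(hsk, G), upk)
    return (hsk + h(node_id, enc(apk), et) * sk_dkmc) % N, apk


def reconstruct_public_key(node_id, apk, pk_dkmc, et=b""):
    """Formulas (2)/(3) and (6)/(7): pk = apk + h(ID || apk || ET) * pk_DKMC."""
    return add(apk, mul(h(node_id, enc(apk), et), pk_dkmc))


def enroll(node_id, domain_id, bsk, bpk, et=b""):
    """Issuance round trip; returns (sk, first public key, second public key, apk)."""
    usk = secrets.randbelow(N - 1) + 1                      # step 201
    dsk, apk = dkmc_issue(node_id, mul(usk, G), domain_private_key(bsk, domain_id), et)
    sk = (dsk + usk) % N                                    # formula (1)
    second = reconstruct_public_key(node_id, apk, domain_public_key(bpk, domain_id), et)
    return sk, mul(sk, G), second, apk


if __name__ == "__main__":
    bsk = [secrets.randbelow(N - 1) + 1 for _ in range(4)]  # constructed base, r = 4
    bpk = [mul(s, G) for s in bsk]
    sk, first, second, apk = enroll(b"A/node-1", b"A", bsk, bpk, b"2030-01-01")
    print("key pair consistent:", first == second)
    other = reconstruct_public_key(b"A/node-2", apk, domain_public_key(bpk, b"A"), b"2030-01-01")
    print("same apk under another identifier matches:", first == other)
```

Because the identifier and validity period are hashed into the reconstruction, an accompanying public key replayed under a different identifier or a different domain yields a public key that does not match the holder's private key.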
Example four
Fig. 5 is a schematic structural diagram of a key processing apparatus based on unified multi-domain identity according to an embodiment of the present disclosure. As shown in fig. 5, the apparatus is applied to a first terminal, and the apparatus 50 includes: a self-selection factor generating module 51, configured to generate a self-selection private key factor corresponding to the first terminal identifier; a communication module 52, configured to send a key application message to the DKMC, where the key application message includes the first terminal identifier and a self-selected public key factor corresponding to the self-selected private key factor; the communication module is further configured to receive key information returned by the DKMC, where the key information includes a distribution private key factor corresponding to the first terminal identifier generated by using a domain private key of the DKMC and the optional public key factor in a cooperative manner; and the private key generating module 53 is configured to obtain a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distributed private key factor.
Further, the private key generation module is specifically configured to: according to $sk_1 = (dsk_1 + usk_1) \bmod n$, obtain the private key $sk_1$ corresponding to the first terminal identifier, wherein $usk_1$ is the self-selected private key factor, $dsk_1$ is the distributed private key factor, and mod n is the modulo n operation.
Further, the key information further includes accompanying public key information corresponding to the first terminal identifier, and the apparatus further includes: a public key generating module 54, configured to obtain the public key of the first terminal according to the first terminal identifier, the accompanying public key information, and the domain public key of the DKMC.
Further, when the accompanying public key information includes an accompanying public key, the public key generating module is specifically configured to: according to $pk_1 = apk_1 + h(ID_1 \| apk_1) \cdot pk_{1DKMC}$, obtain the public key $pk_1$ of the first terminal, wherein $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is a connector, and $pk_{1DKMC}$ is the domain public key of the DKMC.
Further, when the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the public key generating module is specifically configured to: according to $pk_1 = apk_1 + h(ID_1 \| apk_1 \| ET_1) \cdot pk_{1DKMC}$, obtain the public key $pk_1$ of the first terminal, wherein $apk_1$ is the accompanying public key, $ID_1$ is the first terminal identifier, h() is a hash function, "||" is a connector, $ET_1$ is the validity period of the accompanying public key, and $pk_{1DKMC}$ is the domain public key of the DKMC.
Further, the apparatus further comprises: a private key verification module 55, configured to use a public key corresponding to the first terminal identifier, generated by using the private key corresponding to the first terminal identifier, as a first public key; take the public key of the first terminal generated from the first terminal identifier, the accompanying public key information and the domain public key of the DKMC as a second public key; judge whether the first public key and the second public key are equal; when the first public key is equal to the second public key, determine that the public and private key pair corresponding to the first terminal identifier is correct; and when the first public key and the second public key are not equal, determine that the distributed private key factor and the accompanying public key information were distributed incorrectly.
Further, the apparatus further comprises: an authentication module 56, configured to perform the authentication process of the first terminal on the signature data sent by the second terminal; the communication module is further configured to receive signature data sent by the second terminal, where the signature data includes the first terminal identifier, data to be verified, a signature value, a second terminal identifier, and accompanying public key information of the second terminal; the authentication module is specifically configured to: determine a domain public key of the domain where the second terminal is located according to the domain identifier in the second terminal identifier; obtain a public key of the second terminal according to the second terminal identifier, the accompanying public key information and the domain public key of the domain where the second terminal is located; and verify the signature value by using the public key of the second terminal and the data to be verified to obtain an authentication result of the signature data.
Further, the authentication module is further configured to: judging whether the domain identifier in the first terminal identifier is the same as the domain identifier in the second terminal identifier; when the domain identifications of the second terminal and the first terminal are the same, determining that the domain where the second terminal is located is the same as the domain where the first terminal is located, and determining the domain public key of the domain where the first terminal is located as the domain public key of the domain where the second terminal is located; and when the domain identifications of the second terminal and the first terminal are different, determining that the domain where the second terminal is located is different from the domain where the first terminal is located, and obtaining the domain public key of the domain where the second terminal is located according to a preset public key base and the domain identification in the second terminal identification.
Further, the authentication module is further configured to: select a set number factor of the hash value of the domain identifier in the second terminal identifier, and divide the set number factor into preset segments; search for a selection factor in the preset public key base by using the set low-order bits in each preset segment, and take the remaining bits in each preset segment as the selection factor coefficient corresponding to the selection factor; according to
Figure BDA0003667299670000241
obtain the domain public key $pk_{2DKMC}$ of the domain where the second terminal is located, wherein $ID_{2DKMC}$ is the domain identifier in the second terminal identifier, h() is a hash function,
Figure BDA0003667299670000242
is a query function, $bpk_j$ is the jth selection factor, $\lambda_j$ is the jth selection factor coefficient, and k is the number of selection factors.
Further, when the accompanying public key information includes an accompanying public key, the authentication module is further configured to: according to $pk_2 = apk_2 + h(ID_2 \| apk_2) \cdot pk_{2DKMC}$, obtain the public key $pk_2$ of the second terminal, wherein $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is a connector, and $pk_{2DKMC}$ is the domain public key of the domain where the second terminal is located.
Further, when the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the authentication module is further configured to: according to $pk_2 = apk_2 + h(ID_2 \| apk_2 \| ET_2) \cdot pk_{2DKMC}$, obtain the public key $pk_2$ of the second terminal, wherein $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is a connector, $ET_2$ is the validity period of the accompanying public key, and $pk_{2DKMC}$ is the domain public key of the domain where the second terminal is located.
The specific working principle and benefits of the key processing apparatus based on the unified multi-domain identifier provided in the embodiment of the present disclosure are similar to those of the key processing method based on the unified multi-domain identifier provided in the second embodiment of the present disclosure, and will not be described herein again.
Example five
Fig. 6 is a schematic structural diagram of a key processing apparatus based on unified multi-domain identity according to an embodiment of the present disclosure. As shown in fig. 6, the apparatus is applied to the DKMC, and the apparatus 60 includes: a communication module 61, configured to receive a key application message sent by a first terminal, where the key application message includes the first terminal identifier and a self-selected public key factor; a factor generation module 62, configured to generate a hidden private key factor; and a distribution factor generation module 63, configured to obtain a distribution private key factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the self-selected public key factor, and the domain private key of the DKMC. The communication module is further configured to send key information including the distribution private key factor to the first terminal, so that the first terminal obtains a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distribution private key factor.
Further, the distribution factor generation module is specifically configured to: obtain accompanying public key information corresponding to the first terminal identifier according to the hidden private key factor and the self-selected public key factor; and obtain a distribution private key factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the accompanying public key information, and the domain private key of the DKMC.
Further, the distribution factor generation module is further configured to: obtain, according to $hpk_1 = hsk_1 \cdot G$, the hidden public key factor $hpk_1$ corresponding to the hidden private key factor $hsk_1$; obtain, according to $apk_1 = hpk_1 + upk_1$, the accompanying public key $apk_1$ corresponding to the first terminal identifier, and generate a validity period of the accompanying public key, where $upk_1$ is the self-selected public key factor; and take the accompanying public key corresponding to the first terminal identifier and the validity period of the accompanying public key as the accompanying public key information corresponding to the first terminal identifier.
Further, the distribution factor generation module is further configured to: obtain, according to $dsk_1 = hsk_1 + h(ID_1 \| apk_1 \| *ET_1) \cdot sk_{1DKMC}$, the distribution private key factor $dsk_1$ corresponding to the first terminal identifier, where h() is a hash function, "||" is the concatenation operator, $ID_1$ is the first terminal identifier, $ET_1$ is the validity period of the accompanying public key, "*" indicates that the content following it is an optional factor, and $sk_{1DKMC}$ is the domain private key of the DKMC.
Further, the key information further includes accompanying public key information corresponding to the first terminal identifier.
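The issuance formulas of this embodiment and the public key reconstruction formula used by the authentication module, run end to end as an added Python example that is not part of the patent text. The curve (secp256k1), SHA-256 as h(), the length-prefixed encoding of "||", the additive combination sk = usk + dsk, and the identifier and validity-period strings are assumptions of this example.

```python
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # secp256k1 (assumption: the page names no curve)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def valid_point(pt):
    """True if pt is a finite point on y^2 = x^3 + 7 over GF(P)."""
    return (pt is not None and all(0 <= c < P for c in pt)
            and (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc, k = None, k % N
    while k:
        acc = add(acc, pt) if k & 1 else acc
        pt, k = add(pt, pt), k >> 1
    return acc

def h(ident, apk, et=b""):
    """h(ID || apk || *ET) mod N; length prefixes are this example's encoding."""
    m = hashlib.sha256()
    point = b"".join(c.to_bytes(32, "big") for c in apk)
    for part in (ident, point, et):
        m.update(len(part).to_bytes(2, "big") + part)
    return int.from_bytes(m.digest(), "big") % N

def dkmc_issue(ident, upk, sk_dkmc, et=b""):
    """DKMC side: hpk = hsk*G, apk = hpk + upk, dsk = hsk + h(...)*sk_DKMC."""
    if not valid_point(upk):
        raise ValueError("upk is not a valid curve point")
    hsk = secrets.randbelow(N - 1) + 1
    apk = add(mul(hsk, G), upk)
    return (hsk + h(ident, apk, et) * sk_dkmc) % N, apk

def reconstruct_public_key(ident, apk, pk_dkmc, et=b""):
    """Verifier side: pk = apk + h(ID || apk || *ET) * pk_DKMC."""
    if not valid_point(apk):
        raise ValueError("apk is not a valid curve point")
    return add(apk, mul(h(ident, apk, et), pk_dkmc))

def terminal_finish(ident, usk, dsk, apk, pk_dkmc, et=b""):
    """Terminal side. Assumption: factors combine as sk = usk + dsk mod N."""
    sk = (usk + dsk) % N
    if mul(sk, G) != reconstruct_public_key(ident, apk, pk_dkmc, et):
        raise ValueError("key information inconsistent with domain public key")
    return sk

def demo():
    sk_dkmc, usk = (secrets.randbelow(N - 1) + 1 for _ in range(2))
    pk_dkmc = mul(sk_dkmc, G)
    ident, et = b"domainA/terminal-1", b"2030-01-01"  # constructed values
    dsk, apk = dkmc_issue(ident, mul(usk, G), sk_dkmc, et)
    sk = terminal_finish(ident, usk, dsk, apk, pk_dkmc, et)
    pk = reconstruct_public_key(ident, apk, pk_dkmc, et)
    other = reconstruct_public_key(b"domainA/terminal-9", apk, pk_dkmc, et)
    return mul(sk, G) == pk, other != pk
```

Because the identifier and validity period are hashed into the coefficient, a verifier that reconstructs the key under a different identifier or validity period obtains a different public key, so a signature made with the real private key does not verify. The DKMC sees only `upk` and `dsk`, never `usk`, so it cannot compute the terminal's private key from the issuance exchange alone.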
Example six
The disclosed embodiment provides a machine-readable storage medium, where the machine-readable storage medium has stored thereon an instruction for causing a machine to execute the key management method based on unified multi-domain identifier described in the second embodiment and/or the key management method based on unified multi-domain identifier described in the third embodiment.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer-readable medium does not include a transitory computer-readable medium such as a modulated data signal or a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art to which the present application pertains. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A unified multi-domain identity based key processing system, the system comprising: the identity mapping public key IMPK framework and the identity binding public key IBPK framework,
the IMPK architecture comprises a root domain key management center (RKMC) and a Domain Key Management Center (DKMC) managed by the RKMC, wherein the RKMC is used for generating a domain private key of the DKMC and sending the domain private key to the corresponding DKMC;
the IBPK architecture includes the DKMC and all nodes within the domain it manages.
2. A key processing method based on unified multi-domain identity is characterized in that the method is applied to a first terminal, and the method comprises the following steps:
generating a self-selected private key factor corresponding to the first terminal identifier, and sending a key application message to a domain key management center DKMC, wherein the key application message comprises the first terminal identifier and a self-selected public key factor corresponding to the self-selected private key factor;
receiving key information returned by the DKMC, wherein the key information comprises a distributed private key factor corresponding to the first terminal identifier and generated by the cooperation of a domain private key of the DKMC and the optional public key factor;
and obtaining a private key corresponding to the first terminal identification by utilizing the self-selected private key factor and the distributed private key factor.
3. The method for processing the key based on the unified multi-domain identifier as claimed in claim 2, wherein the method further comprises the following steps of the first terminal authenticating the signature data sent by the second terminal:
receiving signature data sent by the second terminal, wherein the signature data comprises the first terminal identification, data to be verified, a signature value, a second terminal identification and accompanying public key information of the second terminal;
determining a domain public key of a domain where the second terminal is located according to the domain identifier in the second terminal identifier;
obtaining a public key of the second terminal according to the second terminal identification, the accompanying public key information and a domain public key of a domain where the second terminal is located;
and verifying the signature value by using the public key of the second terminal and the data to be verified to obtain an authentication result of the signature data.
4. The method according to claim 3, wherein determining the domain public key of the domain where the second terminal is located according to the second terminal identifier comprises:
judging whether the domain identifier in the first terminal identifier is the same as the domain identifier in the second terminal identifier;
when the domain identifications of the second terminal and the first terminal are the same, determining that the domain where the second terminal is located is the same as the domain where the first terminal is located, and determining the domain public key of the domain where the first terminal is located as the domain public key of the domain where the second terminal is located;
and when the domain identifications of the second terminal and the first terminal are different, determining that the domain where the second terminal is located is different from the domain where the first terminal is located, and obtaining the domain public key of the domain where the second terminal is located according to a preset public key base and the domain identification in the second terminal identification.
5. The key processing method according to claim 4, wherein obtaining the domain public key of the domain where the second terminal is located according to the preset public key base and the domain identifier in the second terminal identifier comprises:
selecting a set number factor of the hash value of the domain identifier in the second terminal identifier, and dividing the set number factor into preset segments;
searching a selection factor in the preset public key base by using the set low digit in each preset segment, and taking the residual digit in each preset segment as a selection factor coefficient corresponding to the selection factor;
according to
Figure FDA0003667299660000031
obtaining the domain public key $pk_{2DKMC}$ of the domain of the second terminal, wherein $ID_{2DKMC}$ is the domain identifier in the second terminal identifier, H() is a hash function,
Figure FDA0003667299660000032
is the query function, $bpk_j$ is the j-th selection factor, $\lambda_j$ is the j-th selection factor coefficient, and k is the number of selection factors.
6. The key processing method according to claim 3, wherein when the accompanying public key information includes an accompanying public key, the obtaining the public key of the second terminal according to the second terminal identifier, the accompanying public key information, and a domain public key of a domain where the second terminal is located includes:
obtaining the public key $pk_2$ of the second terminal according to $pk_2 = apk_2 + h(ID_2 \| apk_2) \cdot pk_{2DKMC}$, wherein $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is the concatenation operator, and $pk_{2DKMC}$ is the domain public key of the domain in which the second terminal is located.
7. The key processing method according to claim 3, wherein when the accompanying public key information includes an accompanying public key and a validity period of the accompanying public key, the obtaining the public key of the second terminal according to the second terminal identifier, the accompanying public key information, and a domain public key of a domain in which the second terminal is located comprises:
obtaining the public key $pk_2$ of the second terminal according to $pk_2 = apk_2 + h(ID_2 \| apk_2 \| ET_2) \cdot pk_{2DKMC}$, wherein $apk_2$ is the accompanying public key, $ID_2$ is the second terminal identifier, h() is a hash function, "||" is the concatenation operator, $ET_2$ is the validity period of the accompanying public key, and $pk_{2DKMC}$ is the domain public key of the domain where the second terminal is located.
8. A key processing method based on unified multi-domain identification is characterized in that the method is applied to a Domain Key Management Center (DKMC), and the method comprises the following steps:
when a key application message sent by a first terminal is received, generating a hidden private key factor, wherein the key application message comprises a first terminal identifier and a self-selected public key factor;
obtaining a distribution private key factor corresponding to the first terminal identifier according to the first terminal identifier, the hidden private key factor, the self-selected public key factor and the domain private key of the DKMC;
and sending key information including the distribution private key factor to the first terminal so that the first terminal obtains a private key corresponding to the first terminal identification by using the optional private key factor and the distribution private key factor.
9. A key processing device based on unified multi-domain identity, which is applied to a first terminal, comprises:
the self-selection factor generation module is used for generating a self-selection private key factor corresponding to the first terminal identifier;
the communication module is used for sending a key application message to a domain key management center DKMC, wherein the key application message comprises the first terminal identification and a self-selected public key factor corresponding to the self-selected private key factor;
the communication module is further configured to receive key information returned by the DKMC, where the key information includes a distribution private key factor corresponding to the first terminal identifier and generated by using a domain private key of the DKMC and the optional public key factor;
and the private key generation module is used for obtaining a private key corresponding to the first terminal identifier by utilizing the self-selected private key factor and the distributed private key factor.
10. A key processing device based on unified multi-domain identity (MMID), which is applied to a Domain Key Management Center (DKMC), comprises:
the communication module is used for receiving a key application message sent by a first terminal, wherein the key application message comprises a first terminal identifier and a self-selected public key factor;
the factor generation module is used for generating a hidden private key factor;
a distribution factor generation module, configured to obtain, according to the first terminal identifier, the hidden private key factor, the optional public key factor, and the domain private key of the DKMC, a distribution private key factor corresponding to the first terminal identifier;
the communication module is further configured to send key information including the distribution private key factor to the first terminal, so that the first terminal obtains a private key corresponding to the first terminal identifier by using the self-selected private key factor and the distribution private key factor.
CN202210594925.8A 2022-05-23 2022-05-27 Key processing method, device and system based on unified multi-domain identifier Pending CN115001673A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2022105647703 2022-05-23
CN202210564770 2022-05-23

Publications (1)

Publication Number Publication Date
CN115001673A true CN115001673A (en) 2022-09-02

Family

ID=83029929

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210594925.8A Pending CN115001673A (en) 2022-05-23 2022-05-27 Key processing method, device and system based on unified multi-domain identifier

Country Status (1)

Country Link
CN (1) CN115001673A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117479154A (en) * 2023-12-25 2024-01-30 悠密科技(北京)有限公司 Office terminal data processing method and system based on unified multi-domain identification authentication
CN117479154B (en) * 2023-12-25 2024-04-05 悠密科技(北京)有限公司 Office terminal data processing method and system based on unified multi-domain identification authentication

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230714

Address after: Room 2402, Unit 1, Building 83, Yard 5, Jianxue Street, Jinshui District, Zhengzhou City, Henan Province 450000

Applicant after: Li Yifa

Address before: 450000 No. 97, Wenhua Road, Jinshui District, Henan, Zhengzhou

Applicant before: Kong Xueman