CN115001681A - Key recovery method, device, system, storage medium and electronic device - Google Patents

Publication number
CN115001681A
Authority
CN
China
Prior art keywords
target
sub
key
ciphertexts
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210753849.0A
Other languages
Chinese (zh)
Inventor
张依梦
冷国强
张军昌
魏东
文良君
陈芳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Dahua Technology Co Ltd
Original Assignee
Zhejiang Dahua Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Dahua Technology Co Ltd
Priority to CN202210753849.0A
Publication of CN115001681A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides a key recovery method, a device, a system, a storage medium and an electronic device, wherein the method comprises the following steps: acquiring N sub-ciphertexts, wherein the N sub-ciphertexts are ciphertexts which are obtained by encrypting N sub-keys by a second object by using a target public key and are respectively sent to N third objects, the N sub-keys are keys which are obtained by fragmenting the target key by the second object, and the N sub-ciphertexts are obtained by informing the N third objects to respectively send to the first object by the second object after the first object sends a first target request to the second object to request for recovering the target key; and decrypting the N sub-ciphertexts by using a target private key to recover a target key, wherein the target public key and the target private key are key pairs generated by the first object by adopting a predetermined algorithm. The invention solves the problem of lower security of the secret key in the related technology and achieves the effect of improving the security of the secret key.

Description

Key recovery method, device, system, storage medium and electronic device
Technical Field
The embodiment of the invention relates to the field of key management, in particular to a method, a device, a system, a storage medium and an electronic device for recovering a key.
Background
In the era of network interworking, the issue of data security is becoming a focus of attention, and for secure storage or sharing of data, data is usually encrypted by using a key to ensure the security of the data, and the key is stored securely, which has a risk of a single point of failure. In other words, if the device storing the key fails or is attacked from the outside, the key is unusable or lost. Therefore, the idea of distributed key storage is more suitable for practical application.
At present, in the existing scheme, most of the concepts of the threshold are utilized to realize distributed storage of the key, each participant possesses the key fragment, and the key can be recovered by the key fragments reaching the threshold number. However, the related art scheme cannot prevent the problem of collusion between participants; in addition, the recovery of the key can only be realized by the participant who owns the key fragment, and if the key fragment is sent to other participants, the key may be leaked. Therefore, the related art has a problem that the security of the key is low.
Aiming at the problem of low security of the key in the related art, no effective solution is proposed at present.
Disclosure of Invention
Embodiments of the present invention provide a method, an apparatus, a system, a storage medium, and an electronic apparatus for recovering a secret key, so as to at least solve the problem of low security of the secret key in the related art.
According to an embodiment of the present invention, there is provided a key recovery method applied to a first object, including: obtaining N sub-ciphertexts, wherein the N sub-ciphertexts are ciphertexts which are obtained by encrypting N sub-keys by a second object by using a target public key and are respectively sent to N third objects, the N sub-keys are keys obtained by fragmenting the target key by the second object, the N sub-ciphertexts are keys which are obtained by informing the N third objects to respectively send to the first object by the second object after the first object sends a first target request to the second object, the first target request is used for requesting to recover the target key, and N is a positive integer greater than or equal to 2; decrypting the N sub ciphertexts by using a target private key to recover the target key, wherein the target public key and the target private key are key pairs generated by the first object by adopting a predetermined algorithm.
In one exemplary embodiment, decrypting the N sub-ciphertexts with a target private key to recover the target key comprises: decrypting the N sub-ciphertexts by using the target private key respectively to obtain N sub-keys; recovering the target key based on the N sub-keys.
In one exemplary embodiment, recovering the target key based on the N subkeys includes: and adding the N sub-keys to obtain the target key.
In one exemplary embodiment, before obtaining the N sub-ciphertexts, the method further includes: receiving a second target request sent by the second object, wherein the second target request is used for requesting to acquire the target public key; and after the identity of the second object is authenticated and the authentication is passed, sending the target public key to the second object to indicate the second object to encrypt the N sub-keys by using the target public key so as to obtain N sub-ciphertexts.
In one exemplary embodiment, sending the target public key to the second object includes: and sending the target public key to the second object to indicate the second object to destroy the target key and the N sub-keys.
In one exemplary embodiment, sending the target public key to the second object includes: and sending the target public key to the second object to indicate the second object to send the N sub-ciphertexts to the N third objects respectively after the N third objects are subjected to identity authentication and the authentication is passed.
In one exemplary embodiment, the method further comprises: receiving a third target request, wherein the third target request is sent by a first target sub-object after performing a predetermined operation and obtaining a target ciphertext, the third target request is used for requesting decryption of the target ciphertext to recover the target key, the first target sub-object is any one of the N third objects, and the predetermined operation includes: the first target sub-object sends a fourth target request to a second target sub-object to request to acquire a second sub-ciphertext, wherein the second target sub-object is all objects, except the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object; acquiring the second sub ciphertext, wherein the second sub ciphertext is formed by the sub ciphertext which is sent after each object in the second target sub-object performs identity authentication on the first target sub-object and passes the authentication; adding the first sub ciphertext and the second sub ciphertext to obtain the target ciphertext; decrypting the target ciphertext with the target private key based on the third target request to recover the target key.
According to another embodiment of the present invention, there is also provided a key recovery method applied to a second object, including: receiving a first target request sent by a first object, wherein the first target request is used for requesting to recover a target key; and informing N third objects to respectively send N sub-ciphertexts to the first object, and indicating the first object to decrypt the N sub-ciphertexts by using a target private key so as to recover the target key, wherein the N sub-ciphertexts are ciphertexts which are obtained by encrypting the N sub-keys by using a target public key by the second object and are respectively sent to the N third objects, the N sub-keys are keys obtained by fragmenting the target key by the second object, the target public key and the target private key are key pairs generated by the first object by adopting a predetermined algorithm, and N is a positive integer greater than or equal to 2.
According to another embodiment of the present invention, there is also provided a key recovery method applied to a third object, including: receiving a target notification, where the target notification is used to instruct each of N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts obtained by a second object by using a target public key to encrypt N sub-keys and are sent to N third objects, the N sub-keys are keys obtained by the second object by slicing a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request recovery of the target key; and sending the sub ciphertext to the first object, and instructing the first object to decrypt the N sub ciphertext by using a target private key after receiving the N sub ciphertext to recover the target key, where the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
In one exemplary embodiment, the method further comprises: sending a fourth target request to a second target sub-object to request to obtain a second sub-ciphertext, where the second target sub-object is all objects included in the N third objects except the first target sub-object, and the second sub-ciphertext includes the sub-ciphertext stored in each object of the second target sub-object; acquiring the second sub ciphertext, wherein the second sub ciphertext is composed of the sub ciphertext which is sent by each object in the second target sub object after the first target sub object is subjected to identity authentication and the authentication is passed; adding the second sub ciphertext and a first sub ciphertext to obtain a target ciphertext, wherein the first sub ciphertext is a ciphertext stored in the first target sub object; sending a third target request to the first object to request the first object to decrypt the target ciphertext to recover the target key.
According to still another embodiment of the present invention, there is also provided a key recovery apparatus, located in a first object, including: a first obtaining module, configured to obtain N sub-ciphertexts, where the N sub-ciphertexts are ciphertexts obtained by a second object by using a target public key to encrypt N sub-keys and are respectively sent to N third objects, the N sub-keys are keys obtained by the second object by fragmenting a target key, the N sub-ciphertexts are keys obtained by the second object after the first object sends a first target request to the second object, the second object notifies the N third objects to respectively send to the first object, the first target request is used to request recovery of the target key, and N is a positive integer greater than or equal to 2; and the first recovery module is used for decrypting the N sub-ciphertexts by using a target private key so as to recover the target key, wherein the target public key and the target private key are key pairs generated by the first object by adopting a predetermined algorithm.
According to still another embodiment of the present invention, there is also provided a key recovery apparatus, located in a second object, including: a first receiving module, configured to receive a first target request sent by a first object, where the first target request is used to request recovery of a target key; the first processing module is configured to notify the N third objects to send N sub-ciphertexts to the first object, respectively, and instruct the first object to decrypt the N sub-ciphertexts by using a target private key to recover the target key, where the N sub-ciphertexts are ciphertexts obtained by encrypting the N sub-keys by using a target public key by the second object and are sent to the N third objects, the N sub-keys are keys obtained by fragmenting the target key by the second object, the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
According to still another embodiment of the present invention, there is also provided a key recovery apparatus, located in a third object, including: a second receiving module, configured to receive a target notification, where the target notification is used to instruct each of N third objects included in the N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts that are obtained by a second object by using a target public key to encrypt N sub-keys and are sent to the N third objects, the N sub-keys are keys obtained by the second object by fragmenting a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request to recover the target key; and the second processing module is used for sending the sub-ciphertexts to the first object and indicating the first object to decrypt the N sub-ciphertexts by using a target private key after receiving the N sub-ciphertexts so as to recover the target key, wherein the target public key and the target private key are a key pair generated by the first object by adopting a predetermined algorithm, and N is a positive integer greater than or equal to 2.
There is also provided, according to still another embodiment of the present invention, a key recovery system including: the key recovery device comprises a first object, a second object and N third objects, wherein the first object comprises the key recovery device in the first object, the second object comprises the key recovery device in the second object, and the third object comprises the key recovery device in the third object.
According to a further embodiment of the present invention, there is also provided a computer-readable storage medium having a computer program stored thereon, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
According to yet another embodiment of the present invention, there is also provided an electronic device, including a memory in which a computer program is stored and a processor configured to execute the computer program to perform the steps in any of the above method embodiments.
According to the method and the device, after a first object sends a first target request to a second object, the second object informs N third objects to send N sub-ciphertexts to the first object respectively, the first object obtains N sub-ciphertexts, then the N sub-ciphertexts are decrypted by using a target private key to recover a target key, wherein the target public key and the target private key are key pairs generated by the first object by adopting a preset algorithm, the N sub-ciphertexts are obtained by fragmenting the target key by the second object to obtain N sub-keys, then the N sub-keys are encrypted by using the target public key, the N sub-ciphertexts are sent to the N third objects by the second object respectively, and the N sub-ciphertexts are stored by the N third objects respectively. The target key is encrypted in a fragmentation way, so that the security of each key fragment is protected, and the purpose of protecting the security of the target key is achieved; in addition, because the first object can decrypt the N sub-ciphertexts and recover the target key by using the target private key, the problem that the security of the key is difficult to ensure because each participant possessing the key fragment can be attacked by collusion in the related technology is avoided, and therefore, the problem that the security of the key is low in the related technology is solved, and the effect of improving the security of the key is achieved.
Drawings
FIG. 1 is a block diagram of a hardware structure of a mobile terminal of a key recovery method according to an embodiment of the present invention;
FIG. 2 is a first flowchart of a key recovery method according to an embodiment of the present invention;
FIG. 3 is a flow chart of another method of key recovery according to an embodiment of the present invention;
FIG. 4 is a flow chart of yet another method for key recovery according to an embodiment of the present invention;
FIG. 5 is a diagram of a key recovery system architecture according to an embodiment of the present invention;
FIG. 6 is an exemplary diagram of an initialization module in accordance with a specific embodiment of the present invention;
FIG. 7 is a diagram of an example master key sharded encryption module, according to a specific embodiment of the present invention;
FIG. 8 is a diagram of an example master key recovery module in accordance with a specific embodiment of the present invention;
FIG. 9 is a first block diagram of a key recovery apparatus according to an embodiment of the present invention;
FIG. 10 is a block diagram of another configuration of a key recovery apparatus according to an embodiment of the present invention;
FIG. 11 is a block diagram of a further key recovery apparatus according to an embodiment of the present invention.
Detailed Description
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings in conjunction with the embodiments.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
The method embodiments provided in the embodiments of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Taking the operation on the mobile terminal as an example, fig. 1 is a hardware structure block diagram of the mobile terminal of the key recovery method according to the embodiment of the present invention. As shown in fig. 1, the mobile terminal may include one or more processors 102 (only one is shown in fig. 1) (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.) and a memory 104 for storing data, wherein the mobile terminal may further include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those of ordinary skill in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the mobile terminal. For example, the mobile terminal may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store computer programs, for example, software programs and modules of application software, such as a computer program corresponding to the key recovery method in the embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the computer programs stored in the memory 104, so as to implement the above-mentioned method. The memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the mobile terminal over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the mobile terminal. In one example, the transmission device 106 includes a Network adapter (NIC), which can be connected to other Network devices through a base station so as to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In this embodiment, a key recovery method is provided, and fig. 2 is a first flowchart of a key recovery method according to an embodiment of the present invention, as shown in fig. 2, applied to a first object, where the flowchart includes the following steps:
step S202, N sub-ciphertexts are obtained, wherein N sub-ciphertexts are obtained by a second object through encrypting N sub-keys by using a target public key and are respectively sent to N third objects, N sub-keys are keys obtained by the second object through fragmenting a target key, N sub-ciphertexts are obtained by the first object sending a first target request to the second object and then the second object notifying N third objects to respectively send to the first object, the first target request is used for requesting to recover the target key, and N is a positive integer greater than or equal to 2;
step S204, decrypting the N sub ciphertexts by using a target private key to recover the target key, where the target public key and the target private key are key pairs generated by the first object by using a predetermined algorithm.
Through the steps, after the first object sends the first target request to the second object, the second object informs N third objects to send N sub-ciphertexts to the first object respectively, the first object obtains N sub-ciphertexts, then the N sub-ciphertexts are decrypted by using the target private key to recover the target secret key, wherein the target public key and the target private key are key pairs generated by the first object through a preset algorithm, the N sub-ciphertexts are obtained by fragmenting the target secret key by the second object to obtain N sub-keys, then the N sub-keys are encrypted by using the target public key, the N sub-ciphertexts are sent to the N third objects by the second object respectively, and the N sub-ciphertexts are stored by the N third objects respectively. The target key is encrypted in a fragmentation way, so that the security of each key fragment is protected, and the purpose of protecting the security of the target key is achieved; in addition, because the first object can decrypt the N sub-ciphertexts and recover the target key by using the target private key, the problem that the security of the key is difficult to ensure because each participant possessing the key fragment can be attacked by collusion in the related technology is avoided, and therefore, the problem that the security of the key is low in the related technology is solved, and the effect of improving the security of the key is achieved.
The main body of the above steps may be a device, such as a key management device, or the above first object, or a terminal, or a key recovery device in practical application, but is not limited thereto. The following description is given by taking the first object as an example (which is only an exemplary illustration, and in actual operation, other devices or modules may be used to perform the above operations).
In the above embodiment, the first object obtains N sub-ciphertexts, where the N sub-ciphertexts are ciphertexts obtained by the second object by encrypting the N sub-keys with the target public key and are respectively sent to N third objects, the N sub-keys are keys obtained by the second object by fragmenting the target key, the N sub-ciphertexts are keys obtained by the first object sending the first target request to the second object, the second object notifying the N third objects to respectively send to the first object, the first target request is used for requesting to recover the target key, and N is a positive integer greater than or equal to 2; for example, the first object may be a master key restorer in a key management system and the second object may be a secret The third object may be a master key issuer in the key management system, for example, the second object divides the master key (or called plaintext master key, corresponding to the target key) $S$ into n (corresponding to the N) master key fragments, such as $s_1, s_2, \dots, s_n$, satisfying $S = s_1 + s_2 + \dots + s_n$. Then, the second object encrypts each plaintext master key fragment $s_i$ using the target public key to obtain the corresponding ciphertext fragment $C_i$, i.e., n ciphertext fragments, where $1 \le i \le n$; the second object sends n master key fragments to n third objects respectively, i.e., each third object stores one ciphertext fragment respectively; the target key is encrypted in a fragmentation way, so that the security of each key fragment is protected, and the purpose of protecting the security of the target key is achieved; then, the first object decrypts the N sub-ciphertexts by using the target private key to recover the target key, where the target public key and the target private key are key pairs generated by the first object by using a predetermined algorithm, for example, the first object selects a homomorphic encryption algorithm with addition homomorphism to generate a pair of public and private keys (i.e., the target public key and the target private key pair), that is, the first object can decrypt the N sub-ciphertexts and recover the target key by using the target private key, thereby avoiding a problem that each participant having a key fragment in the related art can hardly guarantee the security of the key due to collusion attack. Therefore, the problem of low security of the key in the related technology is solved, and the effect of improving the security of the key is achieved.
In an optional embodiment, decrypting the N sub-ciphertexts by using a target private key to recover the target key includes: decrypting the N sub-ciphertexts by using the target private key respectively to obtain N sub-keys; recovering the target key based on the N subkeys. In this embodiment, the first object uses the target private key to decrypt the N sub-ciphertexts (corresponding to the above-mentioned ciphertext fragments $C_i$, where $1 \le i \le n$) respectively to obtain N sub-keys; e.g., the first object uses the target private key to decrypt the N sub-ciphertexts (e.g., $C_i$), obtaining $s_1, s_2, \dots, s_n$ in sequence. The target key is then recovered based on the N subkeys. Through the embodiment, the first object utilizes the target private key to achieve the purpose of decrypting the N sub-ciphertexts and further recovering the target key.
In an optional embodiment, recovering the target key based on the N sub-keys includes: and adding the N sub-keys to obtain the target key. In this embodiment, the first object adds N sub-keys to obtain the target key, e.g., by performing the addition operation $S = s_1 + s_2 + \dots + s_n$ to obtain the target key $S$. By the embodiment, the purpose of adding the N sub-keys to recover the target key is achieved.
In an optional embodiment, before obtaining the N sub ciphertexts, the method further includes: receiving a second target request sent by the second object, wherein the second target request is used for requesting to acquire the target public key; and after the identity of the second object is authenticated and the authentication is passed, sending the target public key to the second object to indicate the second object to encrypt the N sub-keys by using the target public key so as to obtain N sub-ciphertexts. In this embodiment, before acquiring N sub-ciphertexts, a first object receives a second target request sent by a second object to request a target public key, and after the first object authenticates and authenticates the identity of the second object, the target public key is sent to the second object, in practical application, the first object generates a public-private key pair (i.e., a target public key and a target private key pair), and after the first object authenticates the identity of the second object, the target public key is sent to the second object, and the first object may adopt a dynamic password or authenticate the identity of the second object based on authentication of a public key cryptosystem, etc.; after the second object acquires the target public key, the target public key can be used for encrypting the N sub-keys to obtain the N sub-ciphertexts. By the embodiment, the purpose that the target public key is sent to the second object after the second target request is received and the second object is instructed to encrypt the N sub-keys by using the target public key is achieved, and the effect of protecting the safety of each main key fragment and further protecting the safety of the main key is achieved.
In an optional embodiment, sending the target public key to the second object includes: sending the target public key to the second object to instruct the second object to destroy the target key and the N sub-keys. In this embodiment, the first object sends the target public key to the second object and instructs the second object to destroy the target key and the N sub-keys. That is, in practical application, after the second object fragments and encrypts the target key (corresponding to the master key), it destroys the original master key (e.g., the master key S) and the master key fragments (e.g., $s_1, s_2, \dots, s_n$) to prevent the master key or the master key fragments from being leaked, which further improves the security of key management.
In an optional embodiment, sending the target public key to the second object includes: sending the target public key to the second object to instruct the second object to authenticate the identities of the N third objects and, after the authentication passes, send the N sub-ciphertexts to the N third objects respectively. In this embodiment, the first object sends the target public key to the second object and instructs the second object to send the N sub-ciphertexts (such as the ciphertext fragments described above) to the N third objects after the identities of the N third objects have been authenticated and the authentication passes; that is, a sub-ciphertext is sent to a third object only after the identity of that third object has been confirmed, which improves the security of the key.
In an optional embodiment, the method further comprises: receiving a third target request, wherein the third target request is sent by a first target sub-object after performing a predetermined operation and obtaining a target ciphertext, the third target request is used for requesting decryption of the target ciphertext to recover the target key, and the first target sub-object is any one of the N third objects, wherein the predetermined operation includes: the first target sub-object sends a fourth target request to a second target sub-object to request a second sub-ciphertext, wherein the second target sub-object is all objects, other than the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object; acquiring the second sub-ciphertext, wherein the second sub-ciphertext is formed by the sub-ciphertexts that each object in the second target sub-object sends after authenticating the identity of the first target sub-object and the authentication passes; and adding the first sub-ciphertext and the second sub-ciphertext to obtain the target ciphertext; and decrypting the target ciphertext with the target private key based on the third target request to recover the target key.
In this embodiment, the first target sub-object may send a fourth target request to the second target sub-object to request the second sub-ciphertext. The first target sub-object is any one of the N third objects, and the second target sub-object is the other third objects among the N third objects, i.e., the second target sub-object includes N-1 third objects; the second sub-ciphertext is the combination of the sub-ciphertexts stored in each of the N-1 third objects. After obtaining the second sub-ciphertext, the first target sub-object adds the first sub-ciphertext and the second sub-ciphertext to obtain the target ciphertext, where the first sub-ciphertext is the sub-ciphertext stored in the first target sub-object. In other words, any one of the N third objects initiates a request to the other N-1 third objects to obtain the second sub-ciphertext, and then adds the first sub-ciphertext stored by itself (e.g., $C_1$) and the second sub-ciphertext (e.g., $C_2 + C_3 + \dots + C_n$) to obtain the target ciphertext, e.g., $C = C_1 + C_2 + C_3 + \dots + C_n$. After obtaining the target ciphertext, the first target sub-object can send a third target request to the first object; after receiving the third target request, the first object decrypts the target ciphertext with the target private key to recover the target key. Through this embodiment, a third object can initiate the key recovery request to ask the first object to recover the master key, which improves the flexibility of the key recovery request and at the same time avoids the problem in the related technology that collusion attacks by the participants holding key fragments make the security of the key difficult to guarantee.
In this embodiment, another key recovery method is further provided, and fig. 3 is a flowchart of another key recovery method according to an embodiment of the present invention, as shown in fig. 3, applied to a second object, where the flowchart includes the following steps:
step S302, receiving a first target request sent by a first object, wherein the first target request is used for requesting to recover a target key;
step S304, notifying N third objects to respectively send N sub-ciphertexts to the first object, and instructing the first object to decrypt the N sub-ciphertexts by using a target private key to recover the target key, where the N sub-ciphertexts are ciphertexts obtained by the second object encrypting the N sub-keys by using a target public key and are respectively sent to the N third objects, the N sub-keys are keys obtained by the second object fragmenting the target key, the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
Through the steps, the second object receives a first target request sent by the first object to request for recovering a target key, the second object informs N third objects to send N sub-ciphertexts to the first object respectively and indicates the first object to decrypt the N sub-ciphertexts by using a target private key so as to recover the target key, wherein the target public key and the target private key are key pairs generated by the first object by adopting a preset algorithm, the N sub-ciphertexts are obtained by fragmenting the target key by the second object to obtain N sub-keys, and then the N sub-keys are encrypted by using the target public key, the N sub-ciphertexts are sent to the N third objects by the second object respectively, and the N sub-ciphertexts are stored by the N third objects respectively. The target secret key is encrypted in a fragmentation way, so that the safety of each secret key fragment is protected, and the aim of protecting the safety of the target secret key is fulfilled; in addition, the first object is indicated to decrypt the N sub-ciphertexts by using the target private key and recover the target key, so that the problem that in the related technology, the security of the key is difficult to guarantee due to collusion attack of all participants possessing the key fragment can be avoided, the problem that the security of the key is low in the related technology is solved, and the effect of improving the security of the key is achieved.
The executing subject of the above steps may be a device, such as a key management device, or the above second object, or a terminal, or a key issuing device in practical application, but is not limited thereto. The following description will be given by taking the second object as an example (which is only an exemplary description, and in actual operation, other devices or modules may also be used to perform the above operations).
In the above embodiment, the second object receives a first target request sent by the first object, wherein the first target request is used for requesting recovery of the target key; and the second object notifies the N third objects to respectively send the N sub-ciphertexts to the first object and instructs the first object to decrypt the N sub-ciphertexts with the target private key so as to recover the target key, wherein the N sub-ciphertexts are ciphertexts obtained by the second object encrypting the N sub-keys with the target public key and are respectively sent to the N third objects, the N sub-keys are keys obtained by the second object fragmenting the target key, and N is a positive integer greater than or equal to 2. For example, the first object may be the master key restorer in a key management system, the second object may be the master key issuer in the key management system, and the third object may be a master key fragment depositor in the key management system. For example, the second object divides a master key S (also called the plaintext master key, corresponding to the target key) into n (corresponding to N) master key fragments $s_1, s_2, \dots, s_n$ satisfying $S = s_1 + s_2 + \dots + s_n$; the second object then encrypts each plaintext master key fragment $s_i$ with the target public key to obtain the corresponding ciphertext fragment $C_i$, i.e., n ciphertext fragments, where $1 \le i \le n$; and the second object sends the n master key fragments to the n third objects respectively, i.e., each third object stores one ciphertext fragment. Because the target key is fragmented and encrypted, the security of each key fragment is protected, which protects the security of the target key. The second object notifies the N third objects to respectively send the N sub-ciphertexts to the first object, and instructs the first object to decrypt the N sub-ciphertexts with the target private key so as to recover the target key. The target public key and the target private key are a key pair generated by the first object using a predetermined algorithm; for example, the first object selects a homomorphic encryption algorithm with additive homomorphism to generate a public/private key pair (i.e., the target public key and the target private key). Instructing the first object to decrypt the N sub-ciphertexts with the target private key and recover the target key avoids the problem in the related technology that collusion attacks by the participants holding key fragments make the security of the key difficult to guarantee. This solves the problem of low key security in the related technology and improves the security of the key.
In this embodiment, a further key recovery method is further provided, and fig. 4 is a flowchart three of the further key recovery method according to the embodiment of the present invention, as shown in fig. 4, applied to a third object, where the flowchart includes the following steps:
step S402, receiving a target notification, where the target notification is used to instruct each of N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts obtained by a second object by using a target public key to encrypt N sub-keys and are sent to N third objects, the N sub-keys are keys obtained by the second object by fragmenting a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request recovery of the target key;
step S404, sending the sub ciphertext to the first object, and instructing the first object to decrypt the N sub ciphertext using a target private key after receiving the N sub ciphertext to recover the target key, where the target public key and the target private key are a key pair generated by the first object using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
Through the above steps, the third object receives a target notification sent by the second object to instruct each of the N third objects to send N sub-ciphertexts to the first object, respectively, where the target notification is sent by the second object after receiving a first target request sent by the first object, each of the N third objects sends the sub-ciphertexts to the first object after receiving the target notification, and instructs the first object to decrypt the N sub-ciphertexts with the target private key to recover the target key, where the target public key and the target private key are a key pair generated by the first object using a predetermined algorithm, the N sub-ciphertexts are obtained by fragmenting the target key by the second object to obtain N sub-keys, and then encrypting the N sub-ciphertexts with the target public key, and the second object sends the N sub-ciphertexts to the N third objects, respectively, and respectively storing the N sub-ciphertexts by the N third objects. The target key is encrypted in a fragmentation way, so that the security of each key fragment is protected, and the purpose of protecting the security of the target key is achieved; in addition, the first object is indicated to decrypt the N sub-ciphertexts by using the target private key and recover the target key, so that the problem that in the related technology, the security of the key is difficult to guarantee due to collusion attack of all participants possessing the key fragment can be avoided, the problem that the security of the key is low in the related technology is solved, and the effect of improving the security of the key is achieved.
The executing body of the above steps may be a device, such as a ciphertext storage device, or the above third object, or a terminal, or a key fragment storage device in practical application, but is not limited thereto. The following description is given by taking the third object as an example (which is only an exemplary illustration, and in actual operation, other devices or modules may also be used to perform the above operation).
In the above embodiment, the third object receives a target notification, where the target notification is used to instruct each third object included in the N third objects to send N sub-ciphertexts to the first object, the N sub-ciphertexts are ciphertexts obtained by the second object encrypting N sub-keys with a target public key and are sent to the N third objects, the N sub-keys are keys obtained by the second object fragmenting the target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request recovery of the target key. Each of the N third objects sends a sub-ciphertext to the first object, that is, the N sub-ciphertexts are sent to the first object, and the first object is instructed to decrypt the N sub-ciphertexts with the target private key after receiving them, so as to recover the target key. For example, the first object may be the master key restorer in a key management system, the second object may be the master key issuer in the key management system, and the third object may be a master key fragment depositor in the key management system. For example, the second object divides a master key S (also called the plaintext master key, corresponding to the target key) into n (corresponding to N) master key fragments $s_1, s_2, \dots, s_n$ satisfying $S = s_1 + s_2 + \dots + s_n$; the second object then encrypts each plaintext master key fragment $s_i$ with the target public key to obtain the corresponding ciphertext fragment $C_i$, i.e., n ciphertext fragments, where $1 \le i \le n$; and the second object sends the n master key fragments to the n third objects respectively, i.e., each third object stores one ciphertext fragment. Because the target key is fragmented and encrypted, the security of each key fragment is protected, which protects the security of the target key. The target public key and the target private key are a key pair generated by the first object using a predetermined algorithm; for example, the first object selects a homomorphic encryption algorithm with additive homomorphism to generate a public/private key pair (i.e., the target public key and the target private key). Instructing the first object to decrypt the N sub-ciphertexts with the target private key and recover the target key avoids the problem in the related technology that collusion attacks by the participants holding key fragments make the security of the key difficult to guarantee. This solves the problem of low key security in the related technology and improves the security of the key.
In an optional embodiment, the method further comprises: sending a fourth target request to a second target sub-object to request a second sub-ciphertext, wherein the second target sub-object is all objects, other than the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object; acquiring the second sub-ciphertext, wherein the second sub-ciphertext is composed of the sub-ciphertexts that each object in the second target sub-object sends after authenticating the identity of the first target sub-object and the authentication passes; adding the second sub-ciphertext and a first sub-ciphertext to obtain a target ciphertext, wherein the first sub-ciphertext is the ciphertext stored in the first target sub-object; and sending a third target request to the first object to request the first object to decrypt the target ciphertext to recover the target key. In this embodiment, the first target sub-object sends a fourth target request to the second target sub-object to request the second sub-ciphertext. The first target sub-object is any one of the N third objects, and the second target sub-object is the other third objects among the N third objects, i.e., the second target sub-object includes N-1 third objects; the second sub-ciphertext corresponds to the combination of the sub-ciphertexts stored in each of the N-1 third objects. After obtaining the second sub-ciphertext, the first target sub-object adds the first sub-ciphertext and the second sub-ciphertext to obtain the target ciphertext, where the first sub-ciphertext is the sub-ciphertext stored in the first target sub-object. In other words, any one of the N third objects initiates a request to the other N-1 third objects to obtain the second sub-ciphertext, and then adds the first sub-ciphertext stored by itself (e.g., $C_1$) and the second sub-ciphertext (e.g., $C_2 + C_3 + \dots + C_n$) to obtain the target ciphertext, e.g., $C = C_1 + C_2 + C_3 + \dots + C_n$. The first target sub-object then sends a third target request to the first object to request the first object to decrypt the target ciphertext C with the target private key to recover the target key (S). Through this embodiment, a third object can initiate the key recovery request to ask the first object to recover the master key, which improves the flexibility of the key recovery request and at the same time avoids the problem in the related technology that collusion attacks by the participants holding key fragments make the security of the key difficult to guarantee.
It is to be understood that the above-described embodiments are only a few, but not all, embodiments of the present invention. The present invention will be described in detail with reference to examples.
In this embodiment, a key recovery system is further provided, and fig. 5 is an architecture diagram of a key recovery system according to an embodiment of the present invention, where the system includes: a master key issuer SD 504 (corresponding to the second object), a master key restorer SR 502 (corresponding to the first object), and n ($n \ge 2$) master key fragment depositors $P_i$ ($i = 1, 2, \dots, n$) 506 (corresponding to the third object), where the master key corresponds to the target key.
The master key issuer SD is used for fragmenting the master key and encrypting the master key; the master key restorer SR is used for generating a key pair and decrypting the master key ciphertext to restore the master key; the master key fragment depositors $P_i$ ($i = 1, 2, \dots, n$) are used for holding the master key fragments.
The embodiment of the application provides a method for recovering a master key, and the scheme mainly comprises three roles: a master key issuer SD (corresponding to the second object), a master key restorer SR (corresponding to the first object), and n ($n \ge 2$) master key fragment depositors $P_i$ ($i = 1, 2, \dots, n$) (corresponding to the third object described above).
The master key (corresponding to the target key) sharing scheme based on the addition homomorphic algorithm in the embodiment of the application comprises three modules: the system comprises an initialization module, a main key fragment encryption module and a main key recovery module. The functions of the three modules and their workflow are explained below.
(1) Initialization module
Fig. 6 is a diagram of an exemplary initialization module according to an embodiment of the present invention, in which an initialization process between a master key restorer and a master key issuer is involved, specifically as follows:
1.1, the master key restorer SR selects a homomorphic encryption algorithm with additive homomorphism (for example, the Paillier homomorphic encryption algorithm, corresponding to the predetermined algorithm) to generate a pair of public and private keys, denoted <pub, pri>.
1.2, the master key issuer SD requests the public key pub from the master key restorer SR.
1.3, the master key restorer SR performs identity authentication (for example, dynamic password, authentication based on a public-key cryptosystem, etc.) on the master key issuer SD, and after the authentication is passed, sends the public key pub to the master key issuer SD.
(2) Master key slicing encryption module
Fig. 7 is a diagram of an example of a master key fragmentation encryption module according to an embodiment of the present invention, where a master key issuer is involved in fragmenting a master key and encrypting the master key fragmentation, as follows:
2.1, the master key issuer SD owns the master key S and divides it into n master key fragments $s_1, s_2, \dots, s_n$ ($n \ge 2$) (corresponding to the foregoing sub-keys), satisfying $S = s_1 + s_2 + \dots + s_n$.
2.2, the master key issuer SD encrypts each plaintext master key fragment $s_i$ with the public key pub to obtain the corresponding ciphertext fragment (corresponding to the sub-ciphertext), denoted $C_i = E_{pub}(s_i)$ ($i = 1, 2, \dots, n$), and destroys the original master key S and the plaintext master key fragments $s_1, s_2, \dots, s_n$.
2.3, the master key issuer SD authenticates the identities of the n master key fragment depositors, and after the identities are authenticated, sends the n ciphertext fragments (or the master key fragments) to the master key fragment depositors respectively.
2.4, each master key fragment depositor stores its ciphertext fragment.
(3) Master key recovery module
FIG. 8 is a diagram of an example of a master key recovery module involved in a process in which a master key recoverer requests recovery of a master key, according to an embodiment of the present invention, as follows:
When the master key restorer SR wants to restore the master key, the master key restorer SR transmits a master key restoration request to the master key issuer SD, and the master key issuer SD notifies each master key fragment depositor $P_i$ ($i = 1, 2, \dots, n$).
There are two ways to recover the master key, and fig. 8 shows a recovery mode.
Mode one: the master key restorer SR collects the ciphertext fragments of each master key fragment depositor to restore the master key, specifically as follows:
3.1, each master key fragment depositor $P_i$ ($i = 1, 2, \dots, n$) sends its ciphertext fragment $C_i$ to the master key restorer SR.
3.2, the master key restorer SR decrypts each ciphertext fragment to obtain $s_1, s_2, \dots, s_n$ in sequence, i.e., obtains the master key $S = s_1 + s_2 + \dots + s_n$.
Mode two: a master key fragment depositor $P_i$ ($i \in n$) performs the operations of reporting the ciphertext and recovering the master key, specifically as follows:
4.1. The master key fragment depositor $P_i$ ($i \in n$) requests the ciphertext master key fragments from the other master key fragment depositors; each other master key fragment depositor $P_j$ ($j \neq i$) authenticates the identity of $P_i$ and, after the authentication is passed, sends its ciphertext master key fragment to $P_i$.
4.2. The master key fragment depositor $P_i$ performs an addition operation on the master key fragments $C_1, C_2, \dots, C_n$ to obtain $C = C_1 + C_2 + \dots + C_n$, where $C_i = E_{pub}(s_i)$ ($i = 1, 2, \dots, n$).
According to the additive homomorphism, $C_1 + C_2 + \dots + C_n = E_{pub}(s_1 + s_2 + \dots + s_n)$ holds, i.e.,
$C = E_{pub}(s_1 + s_2 + \dots + s_n) = E_{pub}(S)$.
4.3. The master key fragment depositor $P_i$ sends the ciphertext master key C to the master key restorer SR.
4.4. The master key restorer SR decrypts the ciphertext C with the private key pri to obtain the master key S.
In the second mode of the master key recovery module, the master key restorer may perform only the private-key decryption, and the homomorphic operation on the ciphertext fragments may be performed by other master key fragment depositors or other hosts, which is not shown in fig. 8.
In this embodiment, encrypting the master key fragments protects the security of each master key fragment and thus the security of the master key; collusion attacks by the participants holding key fragments are resisted, because together the participants can recover only the ciphertext of the key and cannot obtain the plaintext key; and because the plaintext key is recovered using a cryptographic algorithm with the additive homomorphic property, the key depositor role is separated from the key recovery role and the depositor role is distributed, which improves the security of key storage and recovery.
According to the embodiment of the application, the master key is split by additive secret sharing and stored in a distributed manner, which improves the security of master key storage compared with single-point key storage; at the same time, the key fragment storage has no redundancy, and no depositor can be missing. The restorer holding the homomorphic private key is the key point: the secret fragment depositors hold only the ciphertexts of the secret fragments, so even if all of the secret fragment depositors collude, they can obtain only the ciphertext of the master key, which achieves the aim of resisting collusion among the secret fragment depositors. The flexibility of the master key recovery process is also increased: any host (including a secret fragment depositor) can calculate the ciphertext of the master key through the additive homomorphism of the encryption algorithm without disclosing the plaintext of the master key, and only the restorer can restore the master key.
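The three modules above (initialization, fragment encryption, and both recovery modes), as an added Python walk-through using textbook Paillier; it is an illustration written for this page, not code from the patent, and all function names are hypothetical. Assumptions: a 256-bit master key whose shares add modulo 2^256, demo-sized primes, and the authentication steps omitted. For Paillier, the ciphertext "addition" $C_1 + \dots + C_n$ is a multiplication modulo $n^2$.

```python
"""Toy walk-through of the SR / SD / P_i flow with textbook Paillier (added illustration)."""
import secrets
from math import gcd

KEY_MOD = 2 ** 256  # assumption: master key S is a 256-bit value, shares add mod 2^256

def _is_probable_prime(n, rounds=40):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand

def keygen(bits=1024):
    """Step 1.1 (SR): return (pub, pri) = (n, (lam, mu)), generator g = n + 1.
    The default size is a demo value, not a production parameter."""
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and gcd(n, phi) == 1:
            break
    lam = phi // gcd(p - 1, q - 1)       # lcm(p-1, q-1)
    return n, (lam, pow(lam, -1, n))     # mu = lam^-1 mod n because g = n + 1

def encrypt(pub, m):
    """Step 2.2 (SD): C_i = E_pub(s_i) = (1 + m*n) * r^n mod n^2, fresh r each call."""
    n = pub
    if not 0 <= m < n:
        raise ValueError("plaintext must lie in [0, n)")
    r = secrets.randbelow(n - 1) + 1
    while gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (1 + m * n) * pow(r, n, n * n) % (n * n)

def decrypt(pub, pri, c):
    """SR only: m = L(c^lam mod n^2) * mu mod n, with L(x) = (x - 1) // n."""
    n, (lam, mu) = pub, pri
    return (pow(c, lam, n * n) - 1) // n * mu % n

def split_key(secret, n_shares):
    """Step 2.1 (SD): additive shares with s_1 + ... + s_n = S (mod KEY_MOD)."""
    if n_shares < 2:
        raise ValueError("the scheme requires n >= 2")
    shares = [secrets.randbelow(KEY_MOD) for _ in range(n_shares - 1)]
    shares.append((secret - sum(shares)) % KEY_MOD)
    return shares

def add_ciphertexts(pub, ciphertexts):
    """Step 4.2 (any P_i or host): homomorphic addition, done without the private key.
    The product mod n^2 encrypts the sum of the plaintexts."""
    n = pub
    if len(ciphertexts) * KEY_MOD >= n:
        raise ValueError("plaintext sum could wrap modulo n")
    total = 1
    for c in ciphertexts:
        total = total * c % (n * n)
    return total

def recover_mode_one(pub, pri, ciphertexts):
    """Steps 3.1-3.2: SR decrypts every C_i, then adds the recovered s_i."""
    return sum(decrypt(pub, pri, c) for c in ciphertexts) % KEY_MOD

def recover_mode_two(pub, pri, aggregate):
    """Step 4.4: SR decrypts the single aggregated ciphertext C."""
    return decrypt(pub, pri, aggregate) % KEY_MOD

def run_scheme(n_shares=3, bits=1024):
    pub, pri = keygen(bits)                        # SR
    master = secrets.randbits(256)                 # SD's master key S (constructed sample)
    cts = [encrypt(pub, s) for s in split_key(master, n_shares)]  # one C_i per P_i
    aggregate = add_ciphertexts(pub, cts)          # depositor side, only pub is used
    return master, recover_mode_one(pub, pri, cts), recover_mode_two(pub, pri, aggregate)

if __name__ == "__main__":
    s, m1, m2 = run_scheme()
    print("mode one ok:", s == m1, "| mode two ok:", s == m2)
```

Depositors that pool every fragment can run `add_ciphertexts`, but without pri they end up holding only $E_{pub}(S)$, which is the collusion-resistance property described above.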
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
In this embodiment, there is also provided a key recovery apparatus located in a first object, and fig. 9 is a block diagram of a configuration of a key recovery apparatus according to an embodiment of the present invention, as shown in fig. 9, the apparatus includes:
a first obtaining module 902, configured to obtain N sub-ciphertexts, where the N sub-ciphertexts are ciphertexts obtained by a second object encrypting N sub-keys with a target public key and are sent to N third objects, the N sub-keys are keys obtained by the second object fragmenting a target key, the N sub-ciphertexts are sent to the first object by the N third objects on notification from the second object after the first object sends a first target request to the second object, the first target request is used to request recovery of the target key, and N is a positive integer greater than or equal to 2;
a first recovering module 904, configured to decrypt the N sub-ciphertexts by using a target private key to recover the target key, where the target public key and the target private key are key pairs generated by the first object by using a predetermined algorithm.
In an alternative embodiment, the first recovery module 904 comprises: a first decryption unit, configured to decrypt the N sub-ciphertexts respectively with the target private key to obtain the N sub-keys; and a first recovery unit, configured to recover the target key based on the N sub-keys.
In an optional embodiment, the first recovery unit includes: an obtaining subunit, configured to perform an addition operation on the N sub-keys to obtain the target key.
In an optional embodiment, the apparatus further comprises: a third receiving module, configured to receive a second target request sent by the second object before the N sub-ciphertexts are acquired, where the second target request is used to request the target public key; and a third processing module, configured to send the target public key to the second object after the identity of the second object is authenticated and the authentication passes, so as to instruct the second object to encrypt the N sub-keys with the target public key to obtain the N sub-ciphertexts.
In an optional embodiment, the third processing module includes: a first processing unit, configured to send the target public key to the second object so as to instruct the second object to destroy the target public key and the N sub-keys.
In an optional embodiment, the third processing module includes: a second processing unit, configured to send the target public key to the second object so as to instruct the second object to send the N sub-ciphertexts to the N third objects respectively after the identities of the N third objects are authenticated and the authentication passes.
In an optional embodiment, the apparatus further comprises: a fourth receiving module, configured to receive a third target request, where the third target request is sent by a first target sub-object after a predetermined operation is performed and a target ciphertext is obtained, the third target request is used to request decryption of the target ciphertext to recover the target key, and the first target sub-object is any one object included in the N third objects, where the predetermined operation includes: the first target sub-object sends a fourth target request to a second target sub-object to request to acquire a second sub-ciphertext, wherein the second target sub-object is all objects, except the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object; acquiring the second sub ciphertext, wherein the second sub ciphertext is formed by the sub ciphertext which is sent after each object in the second target sub-object performs identity authentication on the first target sub-object and passes the authentication; adding the first sub ciphertext and the second sub ciphertext to obtain the target ciphertext; and the second recovery module is used for decrypting the target ciphertext by using the target private key based on the third target request so as to recover the target secret key.
In this embodiment, another key recovery apparatus is further provided, and is located in a second object, and fig. 10 is a block diagram of a second structure of the key recovery apparatus according to the embodiment of the present invention, as shown in fig. 10, the apparatus includes:
a first receiving module 1002, configured to receive a first target request sent by a first object, where the first target request is used to request recovery of a target key;
a first processing module 1004, configured to notify N third objects to send N sub-ciphertexts to the first object, respectively, and instruct the first object to decrypt the N sub-ciphertexts by using a target private key, so as to recover the target key, where the N sub-ciphertexts are ciphertexts obtained by encrypting N sub-keys by using a target public key, the N sub-keys are keys obtained by the second object by fragmenting the target key, the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
In this embodiment, a further key recovery apparatus is provided, which is located in a third object. Fig. 11 is a third structural block diagram of the key recovery apparatus according to an embodiment of the present invention. As shown in fig. 11, the apparatus includes:
a second receiving module 1102, configured to receive a target notification, where the target notification is used to instruct each of N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts that are obtained by a second object by using a target public key to encrypt N sub-keys and are sent to N third objects, the N sub-keys are keys obtained by the second object by fragmenting a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request to recover the target key;
a second processing module 1104, configured to send the sub ciphertext to the first object, and instruct the first object to decrypt, by using a target private key, the N sub ciphertexts after receiving the N sub ciphertexts, so as to recover the target key, where the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
In an optional embodiment, the apparatus further comprises: a first sending module, configured to send a fourth target request to a second target sub-object to request to obtain a second sub-ciphertext, where the second target sub-object is all objects included in the N third objects except for the first target sub-object, and the second sub-ciphertext includes the sub-ciphertext stored in each object of the second target sub-object; a second obtaining module, configured to obtain the second sub ciphertext, where the second sub ciphertext is formed by the sub ciphertext, which is sent after each object in the second target sub object performs identity authentication on the first target sub object and the authentication passes; a first obtaining module, configured to add the second sub ciphertext to a first sub ciphertext to obtain a target ciphertext, where the first sub ciphertext is a ciphertext stored in the first target sub-object; and the second sending module is used for sending a third target request to the first object so as to request the first object to decrypt the target ciphertext to recover the target key.
It should be noted that the above modules may be implemented by software or hardware; for the latter, this may be achieved in, but is not limited to, the following ways: the modules are all located in the same processor; or the modules are located in different processors in any combination.
In this embodiment, a key recovery system is further provided, including: a first object, a second object and N third objects, wherein the first object comprises the key recovery apparatus located in the first object, the second object comprises the key recovery apparatus located in the second object, and the third object comprises the key recovery apparatus located in the third object.
Embodiments of the present invention also provide a computer-readable storage medium having a computer program stored thereon, wherein the computer program is arranged to perform the steps of any of the above-mentioned method embodiments when executed.
In an exemplary embodiment, the computer-readable storage medium may include, but is not limited to, various media capable of storing computer programs, such as a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
In an exemplary embodiment, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
For specific examples in this embodiment, reference may be made to the examples described in the above embodiments and exemplary embodiments, and details of this embodiment are not repeated herein.
It will be apparent to those skilled in the art that the various modules or steps of the invention described above may be implemented using a general purpose computing device, they may be centralized on a single computing device or distributed across a network of computing devices, and they may be implemented using program code executable by the computing devices, such that they may be stored in a memory device and executed by the computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into various integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the principle of the present invention should be included in the protection scope of the present invention.

Claims (16)

1. A key recovery method applied to a first object includes:
obtaining N sub-ciphertexts, wherein the N sub-ciphertexts are ciphertexts that a second object obtains by encrypting N sub-keys with a target public key and sends to N third objects respectively, the N sub-keys are keys obtained by the second object by fragmenting a target key, the N sub-ciphertexts are sent to the first object by the N third objects respectively upon notification by the second object after the first object sends a first target request to the second object, the first target request is used for requesting recovery of the target key, and N is a positive integer greater than or equal to 2;
decrypting the N sub-ciphertexts by using a target private key to recover the target key, wherein the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm.
2. The method of claim 1, wherein decrypting the N sub-ciphertexts with a target private key to recover the target key comprises:
decrypting the N sub-ciphertexts by using the target private key respectively to obtain N sub-keys;
recovering the target key based on the N sub-keys.
3. The method of claim 2, wherein recovering the target key based on the N subkeys comprises:
adding the N sub-keys to obtain the target key.
4. The method of claim 1, wherein prior to obtaining the N sub-ciphertexts, the method further comprises:
receiving a second target request sent by the second object, wherein the second target request is used for requesting to acquire the target public key;
after authenticating the identity of the second object and the authentication passes, sending the target public key to the second object to instruct the second object to encrypt the N sub-keys by using the target public key so as to obtain the N sub-ciphertexts.
5. The method of claim 4, wherein sending the target public key to the second object comprises:
sending the target public key to the second object to instruct the second object to destroy the target key and the N sub-keys.
6. The method of claim 4, wherein sending the target public key to the second object comprises:
sending the target public key to the second object to instruct the second object to authenticate the identities of the N third objects and, after the authentication passes, send the N sub-ciphertexts to the N third objects respectively.
7. The method of claim 1, further comprising:
receiving a third target request, wherein the third target request is sent by a first target sub-object after performing a predetermined operation and obtaining a target ciphertext, the third target request is used for requesting decryption of the target ciphertext to recover the target key, the first target sub-object is any one of the N third objects, and the predetermined operation includes:
the first target sub-object sends a fourth target request to a second target sub-object to request to acquire a second sub-ciphertext, wherein the second target sub-object is all objects, except the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object;
acquiring the second sub ciphertext, wherein the second sub ciphertext is composed of the sub ciphertext which is sent by each object in the second target sub object after the first target sub object is subjected to identity authentication and the authentication is passed;
adding the first sub ciphertext and the second sub ciphertext to obtain the target ciphertext;
decrypting the target ciphertext with the target private key based on the third target request to recover the target key.
8. A key recovery method applied to a second object, comprising:
receiving a first target request sent by a first object, wherein the first target request is used for requesting to recover a target key;
notifying N third objects to respectively send N sub-ciphertexts to the first object, and instructing the first object to decrypt the N sub-ciphertexts by using a target private key so as to recover the target key, wherein the N sub-ciphertexts are ciphertexts that the second object obtains by encrypting N sub-keys with a target public key and sends to the N third objects respectively, the N sub-keys are keys obtained by the second object by fragmenting the target key, the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
9. A key recovery method applied to a third object, comprising:
receiving a target notification, where the target notification is used to instruct each of N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts obtained by a second object by using a target public key to encrypt N sub-keys and are sent to N third objects, the N sub-keys are keys obtained by the second object by slicing a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request recovery of the target key;
sending the sub-ciphertext to the first object, and instructing the first object to decrypt the N sub-ciphertexts by using a target private key after receiving the N sub-ciphertexts, so as to recover the target key, where the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
10. The method of claim 9, further comprising:
sending a fourth target request to a second target sub-object to request to obtain a second sub-ciphertext, wherein the second target sub-object is all objects, except for the first target sub-object, included in the N third objects, and the second sub-ciphertext includes the sub-ciphertext stored by each object in the second target sub-object;
acquiring the second sub ciphertext, wherein the second sub ciphertext is composed of the sub ciphertext which is sent by each object in the second target sub object after the first target sub object is subjected to identity authentication and the authentication is passed;
adding the second sub ciphertext and a first sub ciphertext to obtain a target ciphertext, wherein the first sub ciphertext is a ciphertext stored in the first target sub object;
sending a third target request to the first object to request the first object to decrypt the target ciphertext to recover the target key.
11. A key recovery apparatus, located in a first object, comprising:
a first obtaining module, configured to obtain N sub-ciphertexts, where the N sub-ciphertexts are ciphertexts that a second object obtains by encrypting N sub-keys with a target public key and sends to N third objects respectively, the N sub-keys are keys obtained by the second object by fragmenting a target key, the N sub-ciphertexts are sent to the first object by the N third objects respectively upon notification by the second object after the first object sends a first target request to the second object, the first target request is used to request recovery of the target key, and N is a positive integer greater than or equal to 2;
a first recovery module, configured to decrypt the N sub-ciphertexts by using a target private key so as to recover the target key, wherein the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm.
12. A key recovery apparatus, located in a second object, comprising:
a first receiving module, configured to receive a first target request sent by a first object, where the first target request is used to request recovery of a target key;
a first processing module, configured to notify N third objects to send N sub-ciphertexts to the first object, respectively, and instruct the first object to decrypt the N sub-ciphertexts by using a target private key to recover the target key, where the N sub-ciphertexts are ciphertexts that the second object obtains by encrypting N sub-keys with a target public key and sends to the N third objects, the N sub-keys are keys obtained by the second object by fragmenting the target key, the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
13. A key recovery apparatus, located in a third object, comprising:
a second receiving module, configured to receive a target notification, where the target notification is used to instruct each of the N third objects to send N sub-ciphertexts to a first object, where the N sub-ciphertexts are ciphertexts that a second object obtains by encrypting N sub-keys with a target public key and sends to the N third objects, the N sub-keys are keys obtained by the second object by fragmenting a target key, the target notification is sent by the second object after receiving a first target request sent by the first object, and the first target request is used to request recovery of the target key;
a second processing module, configured to send the sub-ciphertext to the first object and instruct the first object to decrypt the N sub-ciphertexts by using a target private key after receiving the N sub-ciphertexts, so as to recover the target key, wherein the target public key and the target private key are a key pair generated by the first object by using a predetermined algorithm, and N is a positive integer greater than or equal to 2.
14. A key recovery system, comprising: a first object, a second object, and N third objects, wherein,
the first object comprises the apparatus of claim 11, the second object comprises the apparatus of claim 12, and the third object comprises the apparatus of claim 13.
15. A computer-readable storage medium, in which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 1-7 or 8 or 9-10.
16. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method as claimed in any one of claims 1-7 or 8 or 9-10 when executing the computer program.
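The two recovery paths in the claims, decrypting each sub-ciphertext and adding the sub-keys (claims 2-3) versus adding the sub-ciphertexts and decrypting once (claims 7 and 10), are shown below as an added Python example that is not part of the patent. It assumes Paillier as the "predetermined algorithm" (the document does not name one), addition of sub-keys modulo 2^128, and fixed demo primes that are not secure; all function names are hypothetical.

```python
# Added illustration: toy Paillier stands in for the patent's unnamed "predetermined algorithm".
import secrets
from math import gcd

KEY_BITS = 128
M = 1 << KEY_BITS  # assumption: sub-keys are added modulo 2**128

def keygen():
    """First object: key pair from constructed demo primes (NOT secure)."""
    p, q = (1 << 127) - 1, (1 << 107) - 1  # Mersenne primes, fixed for reproducibility
    n = p * q
    phi = (p - 1) * (q - 1)
    return n, (n, phi, pow(phi, -1, n))   # public key n, private key (n, phi, mu)

def encrypt(n, m):
    """Paillier encryption with generator g = n + 1."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    return (1 + m * n) * pow(r, n, n2) % n2

def decrypt(priv, c):
    n, phi, mu = priv
    return (pow(c, phi, n * n) - 1) // n * mu % n

def split_key(target_key, count):
    """Second object: fragment the target key into `count` additive sub-keys."""
    shares = [secrets.randbelow(M) for _ in range(count - 1)]
    shares.append((target_key - sum(shares)) % M)
    return shares

def escrow(target_key, n, count):
    """Second object: encrypt each sub-key under the first object's public key."""
    return [encrypt(n, s) for s in split_key(target_key, count)]

def recover_individually(priv, sub_ciphertexts):
    """Claims 2-3: decrypt every sub-ciphertext, then add the sub-keys."""
    return sum(decrypt(priv, c) for c in sub_ciphertexts) % M

def combine_ciphertexts(n, sub_ciphertexts):
    """Claim 7, third-object side: in Paillier, 'adding' ciphertexts is
    multiplying them modulo n^2; the result encrypts the sum of sub-keys."""
    acc = 1
    for c in sub_ciphertexts:
        acc = acc * c % (n * n)
    return acc

def recover_from_combined(priv, target_ciphertext):
    """Claim 7, first-object side: a single decryption yields the key."""
    return decrypt(priv, target_ciphertext) % M

def demo(count=3):
    n, priv = keygen()
    target_key = secrets.randbits(KEY_BITS)
    cts = escrow(target_key, n, count)
    a = recover_individually(priv, cts)
    b = recover_from_combined(priv, combine_ciphertexts(n, cts))
    # With one sub-ciphertext missing the result is unrelated to the key
    # (it matches only with probability 2**-128).
    partial = recover_individually(priv, cts[:-1])
    return target_key, a, b, partial

if __name__ == "__main__":
    k, a, b, partial = demo()
    print(a == k, b == k, partial == k)
```

Because the split is additive, all N sub-ciphertexts are required: a single unavailable third object makes recovery fail. The plaintext modulus n must also exceed N times 2^128 so that the homomorphic sum does not wrap before the final reduction.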
CN202210753849.0A 2022-06-29 2022-06-29 Key recovery method, device, system, storage medium and electronic device Pending CN115001681A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210753849.0A CN115001681A (en) 2022-06-29 2022-06-29 Key recovery method, device, system, storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN115001681A true CN115001681A (en) 2022-09-02

Family

ID=83019516

Country Status (1)

Country Link
CN (1) CN115001681A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115828290A (en) * 2023-02-24 2023-03-21 卓望数码技术(深圳)有限公司 Encryption and decryption method and device based on distributed object storage
CN116938453A (en) * 2023-09-14 2023-10-24 北京小米移动软件有限公司 Key management method, device, equipment and storage medium
CN116938453B (en) * 2023-09-14 2023-12-12 北京小米移动软件有限公司 Key management method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination