CN115001723A - Group communication method and system based on tree structure and asymmetric key pool - Google Patents

Publication number: CN115001723A
Authority: CN (China)
Prior art keywords: node, key, untrusted, message, chip
Legal status: Granted
Application number: CN202110194315.4A
Other languages: Chinese (zh)
Other versions: CN115001723B (en)
Inventors: 富尧, 钟一民, 杨羽成
Current Assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Original Assignee: Ruban Quantum Technology Co Ltd; Nanjing Ruban Quantum Technology Co Ltd
Application filed by Ruban Quantum Technology Co Ltd and Nanjing Ruban Quantum Technology Co Ltd, with priority to CN202110194315.4A; published as CN115001723A; granted and published as CN115001723B.

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses a group communication method and a group communication system based on a tree structure and an asymmetric key pool. A group key generation method combining a security chip and a key pool is used, so that the amount of key material can meet the security requirement of resisting quantum computation. The chip key used to generate the communication key is located in a security chip that an adversary cannot crack, so there is no possibility of the group communication being cracked because a key pool is disassembled after capture, and the communication content between one superior and subordinate pair cannot be decrypted by other, unrelated members. In addition, no key needs to be transmitted when the key pool is updated, so the key pool can be updated quickly and the update is easy to implement. Furthermore, the real identities of the group members are not disclosed; only the node numbers are disclosed, and after an untrusted node appears the node number can be randomly replaced by a new node number, so that an adversary cannot easily predict the roles and functions of the group members or learn more information about them.

Description

Group communication method and system based on tree structure and asymmetric key pool
Technical Field
The invention relates to the field of quantum computation resistance, in particular to a group communication method and system based on a tree structure and an asymmetric key pool.
Background
Most existing group communication authentication systems are authentication methods based on a group key. For some group communication scenarios, however, such as group communication in military operations, although a group is formed there are requirements such as hierarchical communication, single-line contact, and no peer-level or higher-level group members (other than the direct superior). For such group communication the existing group communication authentication systems are no longer applicable. In summary, the prior art has the following problems:
1. In common prior-art group communication methods the amount of key material is small, and it is difficult to meet the security requirement of resisting quantum computation. Quantum-resistant group communication methods generally use a key pool for protection, but a symmetric key pool is too large to be stored in a highly secure security chip, so the group communication may be cracked if a device is captured and disassembled. To maintain security the key pool is generally updated, with one party generating keys and sending them to the other party; because the amount of key material in a key pool is huge, the update takes a long time and requires a huge volume of key traffic, and is often difficult to implement.
2. In the prior art the real identity of a group member is public, or an anonymous identity is used but never changes, so an adversary can easily predict the role and function of a group member from the real or anonymous identity, or correlate the real identity with existing data to learn more information about the member.
Disclosure of Invention
Aiming at the problems in the related art, the invention provides a group communication method and a group communication system based on a tree structure and an asymmetric key pool, so as to overcome the technical problems in the prior related art.
Therefore, the invention adopts the following specific technical scheme:
A group communication system based on a tree structure and an asymmetric key pool, in which the nodes are divided into a plurality of levels according to authority, the administrator being the highest level. Each node has a security chip with an anti-disassembly function, and an adversary cannot obtain the contents stored in the security chip. The security chip stores the node's own identity information, which includes the identity information of its related parent node, the identity information of all its child nodes and the corresponding node numbers; in communication only the node numbers are disclosed, not the identity information. The memory outside the security chip of the node stores the asymmetric key pool based on the tree structure.
The administrator node has the capability of issuing a key card and has the identity information of all members of the group; the administrator security chip stores the lowest-level chip key, the chip key of the layer and the administrator public and private keys; the security chip of the common node stores the chip key and the administrator public key of the layer, and the chip keys of the same layer are the same.
A group communication method based on a tree structure and an asymmetric key pool is implemented in the group communication system based on the tree structure and the asymmetric key pool, each node can obtain a chip key of a father node in a security chip based on elliptic curve algorithm calculation, and can also calculate a private key pool and a public key pool of a child node according to the private key pool and the chip key and the identity information of the child node; the communication process comprises the following steps:
a sender encrypts a message by using a session key to obtain a first ciphertext, calculates the message, parent node identity information and child node identity information by using the session key to obtain a first message verification code, and combines the first ciphertext, the first message authentication code, the serial numbers of the parent node and the child node and the verification message to form a second ciphertext and sends the second ciphertext to a receiver;
and after receiving the second ciphertext, the receiver decrypts and verifies the first message authentication code by using the session key, and decrypts the first ciphertext by using the session key after the verification is passed to obtain the message.
Optionally, when the sender is a father node, the receiver is a child node; when the sender is a child node, the receiver is a father node; the verification message is a timestamp.
The calculation of the session key comprises the following steps: the father node takes out a private key of the father node from a private key pool of the father node according to the pointer function, calculates a private key of a child node according to the private key of the father node, an x coordinate of the chip key of the layer on an elliptic curve and identity information of the child node, calculates a communication key according to the chip key of the layer and the private key of the child node, and further calculates a session key through a message authentication code function;
the child node takes out the public key of the node from the public key pool through a pointer function, obtains a communication key by combining the x coordinate calculation of the chip key of the layer on an elliptic curve, and further obtains a session key by calculating through a message authentication code function.
Optionally, the method occurs in communication of a newly added trusted member, and is characterized in that an administrator allocates a chip key, identity information and a key pool to the trusted member according to the newly added trusted member and the node number, generates a legal message for announcing that the trusted member is legal, and sends the legal message to a trusted father node of the trusted member step by step according to the method, and the trusted father node newly adds the identity information of the trusted member in an identity information list.
Optionally, when an untrusted node exists in the group communication, the trusted parent node of the untrusted node sends an untrusted message of the untrusted node to the administrator node step by step according to the above method;
after receiving the untrusted message, the administrator node issues an illegal notification of the untrusted node, the requirement of changing the upper level of the child node of the untrusted node into the trusted parent node of the untrusted node is used as a second message, unique new identity information and a new node number which are used as the lower level of the trusted parent node of the untrusted node are redistributed to all the child nodes of the untrusted node, the administrator node calculates a chip key of the trusted parent node, a chip key of the untrusted node and a chip key of the child node of the untrusted node, encrypts the second message by using the chip key of the child node of the untrusted node to obtain a second ciphertext, combines the second ciphertext, the current timestamp and the notification to obtain a third message, signs the third message by using an administrator private key to obtain a second signature, signs the identity information of the child node of the untrusted node of all the child nodes of the untrusted node, the new identity information of the child node of the untrusted node, sends a second message to the administrator node, and sends the second message to the administrator private key to the node, wherein the second message is encrypted by using the chip key of the second message, and the second message, Combining the third message and the second signature to obtain a fourth message, and signing an encryption result of the chip key of the untrusted node encrypted by using the chip key of the trusted father node and a fifth message consisting of the fourth message by using an administrator private key to obtain a third signature; the administrator node sends the fifth message and the third signature combination to the credible father node step by step according to the method;
the trusted father node extracts an administrator public key from the security chip to verify a third signature, after the verification is passed, the trusted father node decrypts the third signature to obtain a chip key of the untrusted node and a fourth message encrypted by using the chip key of the trusted father node, and decrypts the fifth message according to the chip key of the layer to obtain the chip key of the untrusted node; calculating a session key according to the method, encrypting the third message and the second signature by using the session key to obtain a sixth message, calculating identity information of the non-trusted node child node, the third message and the second signature by using the session key by using a message authentication function to obtain a second message authentication code, and forming a seventh message by using the current timestamp, the node number of the non-trusted node child node, the sixth message and the second message authentication code and sending the seventh message to the non-trusted node child node;
after receiving the seventh message, the child node of the untrusted node judges that the source of the message is a father node of the untrusted node, calculates a session key according to the method, verifies a second message authentication code by using the session key, decrypts a sixth message after the verification succeeds to obtain a third message and a second signature, extracts an administrator public key from the security chip by the child node of the untrusted node to verify the second signature, decrypts the third message by using the chip key of the local layer after the verification is passed, replaces the identity information with new identity information, stores the new identity information into the security chip, updates the node number and replaces a key pool;
optionally, when the non-trusted node child node has no subordinate, the non-trusted node child node only has a public key pool, and the non-trusted node child node replaces each segment of the key in the public key pool, where the replacing the key pool includes the following steps:
dividing a key pool of the layer into a plurality of sections of sub public keys, taking out one section of the sub public key of the key pool, inputting the one section of the sub public key into a security chip, calculating to obtain a public key of an untrusted node, calculating to obtain a public key of a father node of the untrusted node according to the public key of the father node of the untrusted node and new identity information of the child node of the untrusted node, the position of the section of the sub public key, and an x coordinate of a chip key of the father node of the untrusted node on an elliptic curve to obtain a new sub public key of the child node of the untrusted node, splicing the obtained plurality of new sub public keys according to the sequence of the corresponding sub public keys, and outputting the security chip to obtain a new key pool;
optionally, when the child node of the untrusted node has a lower level, the child node of the untrusted node has a public key pool and a private key pool, and the child node of the trusted node replaces each segment of keys in the private key pool, where the replacing the private key pool includes the following steps:
dividing a private key pool in a key pool of the layer into a plurality of sections of sub private keys, taking out one section of the sub private key of the key pool, inputting the one section of the sub private key into a security chip, calculating to obtain a private key of an untrusted node, calculating to obtain a private key of a parent node of the untrusted node according to the private key of the parent node of the untrusted node and the identity information of the child node of the untrusted node, the position of the section of the sub private key and the x coordinate of a chip key of the parent node of the untrusted node on an elliptic curve to obtain a new sub private key of the child node of the untrusted node, splicing the obtained plurality of new sub private keys according to the sequence of the corresponding sub private keys, and outputting the security chip to obtain a new private key pool; and correspondingly calculating to obtain a public key pool after the private key pool is replaced.
Preferably, after the key pool replacement is completed, the chip key is updated, and after the update is successful, an eighth message containing the own identity information and the new identity information is sent to the trusted father node; and after receiving the second message, the trusted father node verifies the second message stored locally, and after the verification succeeds, the non-trusted node child node is confirmed to be a new subordinate node of the non-trusted node child node and an identity list is updated.
Optionally, when the trusted subordinate of the non-trusted node child node has no subordinate, the trusted subordinate of the non-trusted node child node only has a public key pool, and the trusted subordinate of the non-trusted node child node replaces each segment of the key in the public key pool, where the replacement key pool includes the following steps:
dividing a key pool of the layer into a plurality of sections of sub public keys, taking out a section of the sub public key of the key pool, inputting the section of the sub public key into a security chip, calculating to obtain a public key of a child node of the untrusted node, calculating to obtain a public key of a father node of the untrusted node according to the public key of the child node of the untrusted node, calculating to obtain a new child public key of a child node of the untrusted node according to the public key of the father node of the untrusted node and the new identity information of the child node of the untrusted node, the position of the section of the child public key, and the x coordinate of the chip secret key of the father node of the untrusted node on an elliptic curve, calculating to obtain a new child public key of the credible subordinate of the child node of the untrusted node according to the new child public key of the child node of the untrusted node and the new identity information of the credible subordinate of the child node, and the x coordinate of the chip secret key of the child node on the elliptic curve, then splicing a plurality of new sub public keys of the credible lower level of the obtained non-credible node sub-nodes according to the sequence of the corresponding sub public keys, and outputting a security chip to obtain a new key pool;
optionally, when the trusted subordinate of the child node of the untrusted node has a subordinate, the trusted subordinate of the child node of the untrusted node has a public key pool and a private key pool, and the trusted subordinate of the child node of the trusted node replaces each segment of the key in the private key pool, where the replacing of the private key pool includes the following steps:
dividing a private key pool in the key pool of the layer into a plurality of sections of sub private keys, taking out one section of sub private key of the key pool, inputting the section of sub private key into a security chip, calculating to obtain the private key of the sub node of the untrusted node, the private key of the untrusted node is obtained through calculation according to the private key of the child node of the untrusted node, the private key of the parent node of the untrusted node is obtained through calculation according to the private key of the untrusted node, calculating to obtain a new sub private key of the child node of the untrusted node according to the private key of the parent node of the untrusted node and the new identity information of the child node of the untrusted node, the position of the segment of the sub private key and the x coordinate of the chip key of the parent node of the untrusted node on the elliptic curve, calculating according to the new sub-private key of the sub-node of the untrusted node, the new identity information of the trusted subordinate of the sub-node of the untrusted node, the position of the sub-private key and the x coordinate of the chip key of the untrusted node on the elliptic curve to obtain the new sub-private key of the trusted subordinate of the sub-node of the untrusted node; splicing the obtained new sub-private keys of the credible lower levels of the plurality of the sub-nodes of the non-credible nodes according to the sequence of the corresponding sub-private keys, and outputting a security chip to obtain a new private key pool; and correspondingly calculating to obtain a public key pool after the private key pool is replaced.
Advantageous effects:
1. In this patent, a group key generation method combining a security chip and a key pool is used, so that the amount of key material can meet the security requirement of resisting quantum computation. The chip key used to generate the communication key is located in a security chip that an adversary cannot crack, so there is no possibility of the group communication being cracked because a key pool is disassembled after capture, and the communication content between one superior and subordinate pair cannot be decrypted by other, unrelated members. In addition, no key needs to be transmitted when the key pool is updated, so the update of the key pool can be completed quickly and is easy to implement.
2. In this patent, the real identity of a group member is not disclosed; only the node number is disclosed, and after an untrusted node appears the node number can be randomly replaced by a new node number, so that an adversary cannot easily predict the role and function of a group member or learn more information about the member.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a diagram of a system architecture involved in an embodiment of the present invention;
FIG. 2 shows the process of calculating the key pool of each layer and the chip key of each layer in the embodiment of the present invention.
Detailed Description
The invention will be further described with reference to the following figures and specific examples. It is to be understood that the present invention may be embodied in various forms, and that there is no intention to limit the invention to the specific embodiments illustrated, but on the contrary, the intention is to cover some exemplary and non-limiting embodiments shown in the attached drawings and described below.
It is to be understood that the features listed above for different embodiments may be combined with each other, where technically feasible, to form further embodiments within the scope of the present invention. Furthermore, the particular examples and embodiments of the invention described are non-limiting, and various modifications may be made in the structure, steps, and sequence set forth above without departing from the scope of the invention.
This patent assumes that every member of the communication group has a security chip. The security chip stores the member's real identity in the form of an ID list, which contains the IDs of the member's superior and of all its subordinates together with the corresponding node numbers. IDs are never disclosed in communication; only node numbers are disclosed. The administrator node holds the ID list of all members of the group.
As shown in FIG. 1, the group communication system based on the tree-structured asymmetric key pool of the present invention includes a plurality of layers of nodes, such as layer 0 nodes, layer 1 nodes and layer 2 nodes. In a military data link scenario, the layer 0 node can be a command center, a layer 1 node can be a commander, and a layer 2 node can be an unmanned aerial vehicle, an unmanned vehicle, an individual soldier node, and so on.
In this patent, every node at every layer is equipped with a security chip that has an anti-disassembly function, and an adversary cannot obtain the content stored in the security chip. Since the layer 0 node is the group administrator and has the capability of issuing key cards, the lowest-level chip key (i.e., the layer N chip key KRN in this patent) is also stored in its security chip and is used to issue the chip key of the corresponding layer to a newly added group member. The administrator node's asymmetric key pool for its own layer is stored in a memory outside the security chip, and the security chip of the administrator node stores the chip key and the administrator's public and private keys. The asymmetric key pool of each ordinary group member is likewise stored in a memory outside the security chip, and the security chip of that node stores the chip key and the administrator public key.
The security chip of each node stores the chip key KR of the node's own layer, and the chip keys of nodes in the same layer are the same. The process of transforming the chip key is shown in FIG. 2 and is described as follows:
Let the chip key at layer 0 be KR0, the chip key at layer 1 be KR1, and so on, up to the chip key KRN at layer N. Define an elliptic curve algorithm parameter P, select a true random number SN, and calculate the layer N chip key $KRN = SN \cdot P$. KRN is a point on the elliptic curve whose coordinates can be expressed as KRN(KRNx, KRNy). Taking the x coordinate KRNx of the elliptic curve point KRN gives the layer N-1 chip key $KR(N-1) = KRNx \cdot P$. By analogy, $KR0 = KR1x \cdot P$, where KR1x is the x coordinate of the elliptic curve point KR1. That is, each node can compute in turn the chip keys of all the parent-node layers above it. The chip key cannot be output outside the chip, which ensures the security of the chip keys of all members.
In this patent, each node further stores an asymmetric key pool based on the tree structure. The layer 0 key pool is initialized as a private key pool composed of true random numbers; the layer 1 key pool is a private key pool and the corresponding public key pool; the layer 2 key pool is a private key pool and the corresponding public key pool; and so on; the layer N key pool is a public key pool only.
Let the ID of the ith node of layer 1 be IDi, the ID of the jth layer 2 node below it be IDij, and the ID of the kth layer 3 node below IDij be IDijk.
Taking the case where N is 3 as an example, the layer 3 key pool is a public key pool.
Every key pool of every node is divided into equal key segments according to the same rule. The process of obtaining the key pool of each layer by transforming the layer 0 key pool is described as follows:
Let the segment at position Pos of the layer 0 private key pool be SK0, let the public/private keys at the same position Pos of the layer 1 and layer 2 key pools be Ki/SKi and Kij/SKij respectively, let the public key at position Pos of the layer 3 public key pool be Kijk (with private key SKijk), and let the chip keys be KR0, KR1, KR2 and KR3 respectively.
Define the private key transformation formula $SK_{child} = SK_{parent} + MAC(ID_{child} \,\|\, Pos,\ KR_{parent}x)$.
That is, the private key at position Pos of the layer 1 private key pool, calculated from SK0, IDi, the position Pos and the x coordinate KR0x of the layer 0 node chip key KR0, is $SKi = SK0 + MAC(IDi \,\|\, Pos,\ KR0x)$, where MAC(M, K) is a message authentication code calculated for the message M using the key K.
The following are then calculated in sequence: $Ki = SKi \cdot P$; $SKij = SKi + MAC(IDij \,\|\, Pos,\ KR1x)$; $Kij = SKij \cdot P$; $SKijk = SKij + MAC(IDijk \,\|\, Pos,\ KR2x)$; $Kijk = SKijk \cdot P$.
That is, each node can sequentially calculate the private key pool and the public key pool of each child node by combining the ID of the child node according to the private key pool and the chip key of the node.
Since the enemy cannot acquire the chip keys of the layers, therefore: even if an enemy obtains Kijk and obtains SKijk by cracking with a quantum computer, SKij cannot be obtained through deduction; even if an enemy acquires SKij, SKi cannot be obtained through deduction; even if the adversary acquires SKi, SK0 cannot be derived.
To further illustrate the principles of the present invention, the following detailed description illustrates the principles of the invention.
Embodiment 1: group communication when members are trusted
When members are trusted, any two members A and B of the group that have a parent-child relationship can communicate securely. For security reasons, no other pair of members can communicate directly.
Case 1.1: layer 1 node A sends to layer 2 node B
Assume the parent node is A, with node number i and ID IDi; A's child node is B, with node number ij and ID IDij. The message to be sent by group member A is NTF, and a timestamp TNTF is generated for this message.
A calculates the pointer Pos = Fpk(TNTF), where Fpk(*) is any specified function that transforms TNTF into a legal pointer. A takes the key SKi out of the private key pool at Pos and, combining it with the x component KR1x of the chip key KR1, calculates SKij = SKi + MAC(IDij || Pos, KR1x).
A calculates the communication key KTGA = SKij * KR1 from B's private key SKij and the chip key KR1, and further calculates the session key KSGA = MAC(TNTF, KTGA).
A uses the session key KSGA as the group key for this group communication, symmetrically encrypts NTF to obtain {NTF}KSGA, and uses KSGA to calculate a message authentication code over IDi, IDij and NTF, obtaining MAC(IDi || IDij || NTF, KSGA). The ciphertext and the message authentication code are sent to the other member together with the node numbers i || ij of A and B and the timestamp TNTF; the message sent can be expressed as TNTF || i || ij || {NTF}KSGA || MAC(IDi || IDij || NTF, KSGA). The message carries only the node numbers and hides the IDs, so the IDs are kept secret.
After receiving the message, the child node B calculates the pointer Pos = Fpk(TNTF). B takes the key Kij out of the public key pool at Pos and, combining it with the x component KR2x of the chip key KR2, calculates the communication key KTGB = KR2x * Kij.
Since Kij = SKij * P and KR1 = KR2x * P, it follows that KTGB = KR2x * Kij = KR2x * SKij * P = SKij * KR2x * P = SKij * KR1 = KTGA.
B calculates the session key KSGB = MAC(TNTF, KTGB), which is the same as KSGA. B uses KSGB to decrypt the received message and complete message authentication.
Case 1.2: layer 2 node B sends to layer 1 node A
Assume the parent node is A, with node number i and ID IDi; A's child node is B, with node number ij and ID IDij. The message to be sent by group member B is NTF, and a timestamp TNTF is generated for this message.
B calculates the pointer Pos = Fpk(TNTF), takes the key Kij out of the public key pool at Pos and, combining it with the x component KR2x of the chip key KR2, calculates the communication key KTGB = KR2x * Kij. B further calculates the session key KSGB = MAC(TNTF, KTGB).
B uses the session key KSGB as the group key for this group communication, symmetrically encrypts NTF to obtain {NTF}KSGB, and uses KSGB to calculate a message authentication code over IDij, IDi and NTF, obtaining MAC(IDij || IDi || NTF, KSGB). The ciphertext and the message authentication code are sent to the other member together with the node numbers ij || i of B and A and the timestamp TNTF; the message sent can be expressed as TNTF || ij || i || {NTF}KSGB || MAC(IDij || IDi || NTF, KSGB). The message carries only the node numbers and hides the IDs, so the IDs are kept secret.
After receiving the message, the parent node A calculates the pointer Pos = Fpk(TNTF), takes the key SKi out of the private key pool at Pos and, combining it with the x component KR1x of its layer's chip key KR1, calculates SKij = SKi + MAC(IDij || Pos, KR1x). A calculates the communication key KTGA = SKij * KR1 from B's private key SKij and the chip key KR1, from which KTGA = KTGB follows. A further calculates the session key KSGA = MAC(TNTF, KTGA), which is the same as KSGB. A uses KSGA to decrypt the received message and complete message authentication.
Embodiment 2: group communication when a member is untrusted
A member may become untrusted because it has been captured by an adversary, has been destroyed by an attack, has disappeared for unknown reasons, is behaving abnormally, and so on.
Let the group administrator be the layer 0 node A, with chip key KRA;
the untrusted member is X, with ID IDX and chip key KRX;
the trusted superior of X is B, with ID IDB and chip key KRB.
X has XN child nodes in total, denoted Xj (j ∈ [0, XN-1]); each has ID IDXj and chip key KRXj.
Because X knows the key pools of its own layer and of all lower layers, the security of group communication at its layer and all lower layers is affected, while the key pool of the upper layer remains secure. On this basis, A transfers all child nodes of X to X's trusted superior B for management.
Taking X's child node Xj as an example, its parent node changes from X to B and its ID changes from IDXj to IDBJ, where IDBJ does not duplicate IDX or the ID of any other node on the same layer as X.
Step one: the trusted superior sends a message.
After discovering that X is untrusted, B sends the message that X is untrusted to the administrator node A step by step, using the method described in embodiment 1.
Step two: the group administrator announces the untrusted member.
After receiving the message sent by B, A declares X illegal and notifies Xj to change its parent node to B. The notification message is NTF, and a timestamp TNTF is generated for it.
A reassigns to Xj a unique node number J as a subordinate of B; its ID is denoted IDBJ, though the actual content, namely the real identity, may be changed or kept unchanged.
A calculates the chip key KRB of B, the chip key KRX of X and the chip key KRXj of Xj. A uses KRXj as a symmetric key to encrypt {IDXj → [LB || IDB || J || IDBJ]}, obtaining {IDXj → [LB || IDB || J || IDBJ]}KRXj. Here IDXj → [LB || IDB || J || IDBJ] denotes that IDXj is replaced by IDBJ, the J-th node under the IDB node whose node number is LB. Since A is the administrator, stores KRN and can calculate KRXj, whereas X cannot obtain KRXj, X cannot send Xj a message encrypted with KRXj. A encrypts KRX with KRB as a symmetric key to obtain {KRX}KRB.
A combines {IDXj → [LB || IDB || J || IDBJ]}KRXj with TNTF and NTF to obtain MSGj = TNTF || NTF || {IDXj → [LB || IDB || J || IDBJ]}KRXj, and signs MSGj with the administrator private key to obtain SIGj = SIGN(MSGj, SKA). Combining the XN groups of information gives MSG = (IDXj || IDBJ || MSGj || SIGj) (j ∈ [0, XN-1]). A signs {KRX}KRB || MSG with the administrator private key to obtain SIGA.
A sends {KRX}KRB || MSG || SIGA to node B step by step, using the method of embodiment 1. B extracts the administrator public key from the security chip to verify SIGA. After verification passes, B parses out {KRX}KRB and each IDXj || IDBJ || MSGj || SIGj, decrypts {KRX}KRB with the chip key KRB to obtain KRX, and retains IDXj || IDBJ for subsequent verification.
Step three: the trusted superior B announces the untrusted member.
Node B calculates Pos = Fpk(TNTF) from the TNTF in MSGj and extracts SKB from the private key pool. Combining the x component KRBx of the chip key KRB, B calculates SKX = SKB + MAC(IDX || Pos, KRBx).
B calculates KX = SKX * P and, combining the x component KRXx of X's chip key KRX, obtains SKXj = SKX + MAC(IDXj || Pos, KRXx). B calculates the communication key KTG = SKXj * KRB from SKXj and the chip key KRB, and further calculates the session key KSG = MAC(TNTF, KTG).
B uses the session key KSG to protect MSGj || SIGj and sends it to Xj; the message sent is TNTF || j || {MSGj || SIGj}KSG || MAC(IDXj || MSGj || SIGj, KSG).
After Xj receives the message, it judges that the message source is its parent's parent, because the message does not carry its parent's node number. Xj calculates Pos = Fpk(TNTF), takes the key KXj out of the public key pool at Pos, calculates KRX = KRXjx * P, and from KXj and the x component KRXx of KRX calculates the communication key KTGXj = KRXx * KXj.
Since KXj = SKXj * P and KRB = KRXx * P, KTGXj = KRXx * KXj = KRXx * SKXj * P = SKXj * KRXx * P = SKXj * KRB = KTG.
Xj calculates the session key KSGXj = MAC(TNTF, KTGXj), which is the same as KSG. Xj uses KSGXj to decrypt the received message and complete message authentication.
After verification passes, Xj obtains MSGj || SIGj. Xj extracts the administrator public key from the security chip to verify SIGj; after verification passes, Xj decrypts with KRXj to obtain IDXj → [LB || IDB || J || IDBJ].
Xj replaces IDXj with IDBJ and stores it in the security chip, takes B as its new superior node, and updates its node number to LBJ, i.e. number J among B's subordinates.
If Xj has no child node, Xj has only a public key pool. For each key segment of the public key pool, the Xj node performs key replacement as follows:
1. Take a key segment KXj out of the key pool and input it into the security chip;
2. KXj = SKXj * P = [SKX + MAC(IDXj || Pos, KRXx)] * P = SKX * P + MAC(IDXj || Pos, KRXx) * P = KX + MAC(IDXj || Pos, KRXx) * P.
Calculate KRX = KRXjx * P and take the x component KRXx of KRX to obtain MAC(IDXj || Pos, KRXx) * P. Subtract MAC(IDXj || Pos, KRXx) * P from KXj to obtain KX;
3. KX = SKX * P = [SKB + MAC(IDX || Pos, KRBx)] * P = SKB * P + MAC(IDX || Pos, KRBx) * P = KB + MAC(IDX || Pos, KRBx) * P.
Calculate KRB = KRXx * P and take the x component KRBx of KRB to obtain MAC(IDX || Pos, KRBx) * P. Subtract MAC(IDX || Pos, KRBx) * P from KX to obtain KB;
4. Add MAC(IDBJ || Pos, KRBx) * P to KB to obtain KBJ;
5. KBJ is output from the security chip as a key segment of the key pool.
If Xj has child nodes, Xj has both a public key pool and a private key pool. For the private key pool, the Xj node performs key replacement as follows:
1. Take a key segment SKXj out of the key pool and input it into the security chip;
2. Since SKXj = SKX + MAC(IDXj || Pos, KRXx), subtracting MAC(IDXj || Pos, KRXx) from SKXj yields SKX;
3. Since SKX = SKB + MAC(IDX || Pos, KRBx), subtracting MAC(IDX || Pos, KRBx) from SKX yields SKB;
4. Add MAC(IDBJ || Pos, KRBx) to SKB to obtain SKBJ;
5. SKBJ is output from the security chip and becomes a key segment of the key pool;
After the private key pool of Xj has been replaced, the corresponding public key pool is calculated from it.
After the key pool of Xj has been replaced, Xj replaces the chip key KRXj with KRX and, once the replacement succeeds, sends a success message to B by the method of embodiment 1, where the message includes IDXj || IDBJ. After receiving it, B compares it with the locally stored IDXj || IDBJ, confirms that BJ is a new subordinate node, and updates the ID list.
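The derivation formula, the Case 1.1 key agreement and the leaf key-pool replacement in step three can be checked end to end. The following Python code is an added example, not code from the patent; it assumes secp256k1 as the curve with its base point in the role of P, HMAC-SHA256 reduced modulo the group order as MAC, a SHA-256-based Fpk, and constructed IDs, chip keys and private keys.

```python
import hashlib
import hmac

# Assumption: secp256k1 stands in for the patent's unnamed curve; G plays the role of P.
P_FIELD = 2**256 - 2**32 - 977
N_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P_FIELD, -1, P_FIELD) % P_FIELD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    k %= N_ORDER
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def ec_sub(p1, p2):
    """p1 - p2, by adding the negated point."""
    return ec_add(p1, (p2[0], -p2[1] % P_FIELD))

def mac_scalar(msg, key_x):
    """MAC(M, K): HMAC-SHA256 keyed with a chip key's x coordinate, read as a scalar."""
    tag = hmac.new(key_x.to_bytes(32, "big"), msg, hashlib.sha256).digest()
    return int.from_bytes(tag, "big") % N_ORDER

def child_private(sk_parent, id_child, pos, kr_parent):
    """SK_child = SK_parent + MAC(ID_child || Pos, KR_parent.x) mod n."""
    tag = mac_scalar(id_child + pos.to_bytes(4, "big"), kr_parent[0])
    return (sk_parent + tag) % N_ORDER

def parent_chip_key(kr_child):
    """KR_parent = KR_child.x * P, which every lower node can compute."""
    return ec_mul(kr_child[0], G)

def fpk(tntf, pool_size=1024):
    """Assumed pointer function: hash the timestamp into a pool position."""
    return int.from_bytes(hashlib.sha256(tntf).digest(), "big") % pool_size

def session_key(tntf, ktg):
    """KSG = MAC(TNTF, KTG), keyed with the x coordinate of the point KTG."""
    return hmac.new(ktg[0].to_bytes(32, "big"), tntf, hashlib.sha256).digest()

def demo_parent_child():
    """Case 1.1: layer-1 parent A and layer-2 child B derive the same session key."""
    kr2 = ec_mul(0x1234567, G)        # constructed layer-2 chip key (a curve point)
    kr1 = parent_chip_key(kr2)        # KR1 = KR2x * P
    tntf = b"2021-02-20T00:00:00Z"    # constructed timestamp
    pos = fpk(tntf)
    sk_i = 0xA11CE + pos              # constructed: A's private key segment at Pos
    # Parent side: derive B's private key, then KTGA = SKij * KR1.
    sk_ij = child_private(sk_i, b"IDij", pos, kr1)
    ksga = session_key(tntf, ec_mul(sk_ij, kr1))
    # Child side: only the public key Kij and the chip key KR2 are needed.
    k_ij = ec_mul(sk_ij, G)           # what B's public key pool holds at Pos
    ksgb = session_key(tntf, ec_mul(kr2[0], k_ij))
    return ksga, ksgb

def demo_rehome_leaf():
    """Step three: leaf Xj turns pool entry KXj into KBJ using public values only."""
    kr_xj = ec_mul(0x7654321, G)      # constructed chip key of Xj's layer
    kr_x = parent_chip_key(kr_xj)     # KRX = KRXjx * P
    kr_b = parent_chip_key(kr_x)      # KRB = KRXx * P
    pos, sk_b, ptag = 7, 0xB0B, (7).to_bytes(4, "big")   # constructed values
    # Pool entry as originally issued through the untrusted node X.
    sk_x = child_private(sk_b, b"IDX", pos, kr_b)
    k_xj = ec_mul(child_private(sk_x, b"IDXj", pos, kr_x), G)
    # Inside Xj's chip: peel off both MAC terms, then add the one for the new ID.
    k_x = ec_sub(k_xj, ec_mul(mac_scalar(b"IDXj" + ptag, kr_x[0]), G))
    k_b = ec_sub(k_x, ec_mul(mac_scalar(b"IDX" + ptag, kr_b[0]), G))
    k_bj = ec_add(k_b, ec_mul(mac_scalar(b"IDBJ" + ptag, kr_b[0]), G))
    # What B derives for its new direct child BJ from its own private pool.
    expected = ec_mul(child_private(sk_b, b"IDBJ", pos, kr_b), G)
    return k_bj, expected, k_b == ec_mul(sk_b, G)
```

The leaf recovers KB only because its chip can recompute KRX and KRB from KRXj, so the upward secrecy stated for the key pools depends on chip keys never leaving the security chip.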
Step four: the trusted subordinates update their IDs and replace their keys.
If the trusted subordinate Xj itself has a subordinate Xjk, then in step two A similarly generates MSGjk || SIGjk by the method used to generate MSGj || SIGj, where MSGjk = TNTF || NTF || {IDXjk → [LBJ || IDBJ || K || IDBJK]}KRXjk. Here IDXjk → [LBJ || IDBJ || K || IDBJK] denotes that IDXjk is replaced by IDBJK, the K-th node under the IDBJ node whose node number is LBJ. In step three, after B sends MSGjk || SIGjk to Xj, Xj forwards it to Xjk using the flow of embodiment 1.
Xjk extracts the administrator public key from the security chip to verify SIGjk; after verification passes, Xjk decrypts with KRXjk to obtain IDXjk → [LBJ || IDBJ || K || IDBJK].
Xjk replaces IDXjk with IDBJK and stores it in the security chip, takes BJ as its new superior node, and updates its node number to LBJK, i.e. number K among BJ's subordinates.
If Xjk has no child node, Xjk has only a public key pool. For each key segment of the public key pool, the Xjk node performs key replacement as follows:
1. Take a key segment KXjk out of the key pool and input it into the security chip;
2. Calculate KRXj = KRXjkx * P and take the x component KRXjx of KRXj to obtain MAC(IDXjk || Pos, KRXjx) * P. Subtract MAC(IDXjk || Pos, KRXjx) * P from KXjk to obtain KXj;
3. Calculate KRX = KRXjx * P and take the x component KRXx of KRX to obtain MAC(IDXj || Pos, KRXx) * P. Subtract MAC(IDXj || Pos, KRXx) * P from KXj to obtain KX;
4. Calculate KRB = KRXx * P and take the x component KRBx of KRB to obtain MAC(IDX || Pos, KRBx) * P. Subtract MAC(IDX || Pos, KRBx) * P from KX to obtain KB;
5. Add MAC(IDBJ || Pos, KRBx) * P to KB to obtain KBJ;
6. Add MAC(IDBJK || Pos, KRXx) * P to KBJ to obtain KBJK;
7. KBJK is output from the security chip and becomes a key segment of the key pool.
If Xjk has child nodes, Xjk has both a public key pool and a private key pool. For the private key pool, the Xjk node performs key replacement as follows:
1. Take a key segment SKXjk out of the key pool and input it into the security chip;
2. Since SKXjk = SKXj + MAC(IDXjk || Pos, KRXjx), subtracting MAC(IDXjk || Pos, KRXjx) from SKXjk yields SKXj;
3. Since SKXj = SKX + MAC(IDXj || Pos, KRXx), subtracting MAC(IDXj || Pos, KRXx) from SKXj yields SKX;
4. Since SKX = SKB + MAC(IDX || Pos, KRBx), subtracting MAC(IDX || Pos, KRBx) from SKX yields SKB;
5. Add MAC(IDBJ || Pos, KRBx) to SKB to obtain SKBJ;
6. Add MAC(IDBJK || Pos, KRXx) to SKBJ to obtain SKBJK;
7. SKBJK is output from the security chip and becomes a key segment of the key pool;
After the private key pool of Xjk has been replaced, the corresponding public key pool is calculated from it.
After the key pool of Xjk has been replaced, Xjk replaces the chip key KRXjk with KRXj and, once the replacement succeeds, sends a success message to Xj by the method of embodiment 1. On receiving it, Xj confirms that BJK is a new subordinate node and updates the ID list.
Embodiment 3: group communication when a trusted member is added.
Let the group administrator be A, the newly added trusted member be Y, and the superior node of Y be B. A allocates the corresponding chip key, ID list and key pool to Y according to Y's layer number and node number.
A generates a message NTF announcing that Y is legal, and sends NTF to B step by step using the method of embodiment 1. B updates the ID list in its chip and adds the information that member Y is legal.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention. Therefore, the protection scope of the present patent should be subject to the appended claims.

Claims (10)

1. A group communication method based on a tree structure and an asymmetric key pool is characterized in that nodes in a system are divided into a plurality of levels according to authority, an administrator is the highest level, and each node has a security chip and has an anti-disassembly function; the safety chip stores own identity information, which comprises own related father node identity information, identity information of all child nodes and corresponding node numbers, and only the node numbers are disclosed instead of public identity information in communication; the memory outside the security chip of the node stores an asymmetric key pool based on a tree structure at the current layer;
the administrator node has the capability of issuing key fobs and has the identity information of all members of the group; the administrator security chip stores the lowest-level chip key, the chip key of the layer and the administrator public and private keys; the security chip of the common node stores the chip key and the administrator public key of the layer, and the chip keys of the same layer are the same.
2. A group communication method based on a tree structure and an asymmetric key pool is implemented in the group communication system based on the tree structure and the asymmetric key pool as claimed in claim 1, wherein each node can calculate a chip key of a parent node thereof based on an elliptic curve algorithm in a security chip, and can also calculate a private key pool and a public key pool of a child node according to the private key pool and the chip key in combination with identity information of the child node; the communication process comprises the following steps:
a sender encrypts a message by using a session key to obtain a first ciphertext, calculates the message, parent node identity information and child node identity information by using the session key to obtain a first message verification code, and combines the first ciphertext, the first message authentication code, the serial numbers of the parent node and the child node and the verification message to form a second ciphertext and sends the second ciphertext to a receiver;
after receiving the second ciphertext, the receiver decrypts and verifies the first message authentication code by using the session key, and decrypts the first ciphertext by using the session key after the verification is passed to obtain a message;
when the sender is a father node, the receiver is a child node;
when the sender is a child node, the receiver is a father node;
the verification message is a timestamp.
3. The group communication method according to claim 2, wherein the calculation of the session key comprises the following steps: the father node takes out a private key of the father node from a private key pool of the father node according to the pointer function, calculates a private key of a child node according to the private key of the father node, an x coordinate of the chip key of the layer on an elliptic curve and identity information of the child node, calculates a communication key according to the chip key of the layer and the private key of the child node, and further calculates a session key through a message authentication code function;
the child node takes out the public key of the node from the public key pool through a pointer function, calculates by combining the x coordinate of the chip secret key of the layer on the elliptic curve to obtain a communication secret key, and further calculates through a message authentication code function to obtain a session secret key.
4. The group communication method based on the tree structure and the asymmetric key pool as claimed in claim 3, wherein the group communication method occurs in communication of newly added trusted members, and is characterized in that an administrator distributes a chip key, identity information and a key pool to the trusted members according to the newly added trusted members and the node numbers, the administrator generates legal messages for announcing the legitimacy of the trusted members, sends the legal messages to the trusted father nodes of the trusted members step by step according to the method as claimed in claim 4, and the trusted father nodes newly add the identity information of the trusted members in an identity information list.
5. The group communication method based on the tree structure and the asymmetric key pool as claimed in claim 3, wherein, when the untrusted node exists in the group communication, the trusted parent node of the untrusted node gradually sends the untrusted message of the untrusted node to the administrator node;
after receiving the untrusted message, the administrator node issues an illegal notification of the untrusted node, the requirement of changing the upper level of the child node of the untrusted node into the trusted parent node of the untrusted node is used as a second message, unique new identity information and a new node number which are used as the lower level of the trusted parent node of the untrusted node are redistributed to all the child nodes of the untrusted node, the administrator node calculates a chip key of the trusted parent node, a chip key of the untrusted node and a chip key of the child node of the untrusted node, encrypts the second message by using the chip key of the child node of the untrusted node to obtain a second ciphertext, combines the second ciphertext, the current timestamp and the notification to obtain a third message, signs the third message by using an administrator private key to obtain a second signature, signs the identity information of the child node of the untrusted node of all the child nodes of the untrusted node, the new identity information of the child node of the untrusted node, sends a second message to the administrator node, and sends the second message to the administrator private key to the node, wherein the second message is encrypted by using the chip key of the second message, and the second message, The third message and the second signature are combined to obtain a fourth message, and an administrator private key is used for signing an encryption result of a chip key of the untrusted node encrypted by using a chip key of the trusted father node and a fifth message formed by the fourth message to obtain a third signature; the administrator node sends the fifth message and the third signature combination to the credible father node step by step;
the trusted father node extracts an administrator public key from the security chip to verify a third signature, after the verification is passed, the trusted father node decrypts the third signature to obtain a chip key of the untrusted node and a fourth message encrypted by using the chip key of the trusted father node, and decrypts the fifth message according to the chip key of the layer to obtain the chip key of the untrusted node; calculating a session key, encrypting the third message and the second signature by using the session key to obtain a sixth message, calculating identity information of the non-trusted node child node, the third message and the second signature by using the session key through a message authentication function to obtain a second message authentication code, and forming a seventh message by using the current timestamp, the node number of the non-trusted node child node, the sixth message and the second message authentication code and sending the seventh message to the non-trusted node child node;
after receiving the seventh message, the child node of the untrusted node judges that the source of the message is a parent node of the untrusted node, calculates a session key according to the method of claim 4, verifies a second message authentication code by using the session key, decrypts the sixth message after the verification succeeds to obtain a third message and a second signature, extracts an administrator public key from the security chip by the child node of the untrusted node to verify the second signature, decrypts the third message by using the chip key of the local layer after the verification is passed, replaces the identity information with new identity information and stores the new identity information into the security chip, updates the node number and replaces a key pool;
and the trusted subordinate of the sub-node of the non-trusted node completes the updating of the identity information and the node number step by step and replaces the key pool.
6. The group communication method according to claim 5, wherein the non-trusted node child node only has the public key pool when the non-trusted node child node has no subordinate, and the non-trusted node child node replaces each segment of the key in the public key pool, and the replacing key pool comprises the following steps:
dividing a key pool of the layer into a plurality of sections of sub public keys, taking out one section of the sub public key of the key pool, inputting the one section of the sub public key into a security chip, calculating to obtain a public key of an untrusted node, calculating to obtain a public key of a father node of the untrusted node according to the public key of the father node of the untrusted node and new identity information of the child node of the untrusted node, the position of the section of the sub public key, and an x coordinate of a chip key of the father node of the untrusted node on an elliptic curve, calculating to obtain a new sub public key of the child node of the untrusted node, splicing the obtained plurality of new sub public keys according to the sequence of the corresponding sub public keys, and outputting the security chip to obtain a new key pool.
7. The group communication method according to claim 5, wherein the non-trusted node child node has a public key pool and a private key pool, and the trusted node child node replaces each segment of the secret key in the private key pool, and the replacement key pool comprises the following steps:
dividing a private key pool in a key pool of the layer into a plurality of sections of sub private keys, taking out one section of the sub private key of the key pool, inputting the one section of the sub private key into a security chip, calculating to obtain a private key of an untrusted node, calculating to obtain a private key of a parent node of the untrusted node according to the private key of the parent node of the untrusted node and the identity information of the child node of the untrusted node, the position of the section of the sub private key and the x coordinate of a chip key of the parent node of the untrusted node on an elliptic curve to obtain a new sub private key of the child node of the untrusted node, splicing the obtained plurality of new sub private keys according to the sequence of the corresponding sub private keys, and outputting the security chip to obtain a new private key pool; and correspondingly calculating to obtain a public key pool after the private key pool is replaced.
8. The group communication method based on the tree structure and the asymmetric key pool as claimed in claim 6, wherein when the trusted subordinate of the non-trusted node sub-node has no subordinate, the trusted subordinate of the non-trusted node sub-node only has the public key pool, and the trusted subordinate of the non-trusted node sub-node replaces each segment of the key of the public key pool, the replacing key pool comprises the following steps:
dividing a key pool of the layer into a plurality of sections of sub public keys, taking out a section of the sub public key of the key pool, inputting the section of the sub public key into a security chip, calculating to obtain a public key of a child node of the untrusted node, calculating to obtain a public key of a father node of the untrusted node according to the public key of the child node of the untrusted node, calculating to obtain a new child public key of a child node of the untrusted node according to the public key of the father node of the untrusted node and the new identity information of the child node of the untrusted node, the position of the section of the child public key, and the x coordinate of the chip secret key of the father node of the untrusted node on an elliptic curve, calculating to obtain a new child public key of the credible subordinate of the child node of the untrusted node according to the new child public key of the child node of the untrusted node and the new identity information of the credible subordinate of the child node, and the x coordinate of the chip secret key of the child node on the elliptic curve, and then splicing a plurality of new sub public keys of the credible lower level of the obtained non-credible node sub-nodes according to the sequence of the corresponding sub public keys, and outputting a security chip to obtain a new key pool.
9. The group communication method based on the tree structure and the asymmetric key pool as claimed in claim 7, wherein when the trusted subordinate of the child node of the non-trusted node has a subordinate, the trusted subordinate of the child node of the non-trusted node has a public key pool and a private key pool, and the trusted subordinate of the child node of the trusted node replaces each segment of the key of the private key pool, the replacing key pool comprises the following steps:
dividing a private key pool in the key pool of the layer into a plurality of sections of sub private keys, taking out one section of sub private key of the key pool, inputting the section of sub private key into a security chip, calculating to obtain the private key of the sub node of the untrusted node, the private key of the untrusted node is obtained by calculation according to the private key of the child node of the untrusted node, the private key of the parent node of the untrusted node is obtained by calculation according to the private key of the untrusted node, calculating to obtain a new sub private key of the child node of the untrusted node according to the private key of the parent node of the untrusted node and the new identity information of the child node of the untrusted node, the position of the segment of the child private key, and the x coordinate of the chip key of the parent node of the untrusted node on the elliptic curve, calculating according to the new sub-private key of the sub-node of the untrusted node, the new identity information of the trusted subordinate of the sub-node of the untrusted node, the position of the sub-private key and the x coordinate of the chip key of the untrusted node on the elliptic curve to obtain the new sub-private key of the trusted subordinate of the sub-node of the untrusted node; splicing the obtained new sub-private keys of the credible lower levels of the plurality of the sub-nodes of the non-credible nodes according to the sequence of the corresponding sub-private keys, and outputting a security chip to obtain a new private key pool; and correspondingly calculating to obtain a public key pool after the private key pool is replaced.
10. The group communication method based on the tree structure and the asymmetric key pool according to any one of claims 6 or 7, wherein after the key pool replacement is completed, the chip key is updated, and after the update is successful, an eighth message containing the own identity information and new identity information is sent to the trusted parent node; and the trusted father node verifies the received information with the second information stored locally, confirms the child node of the non-trusted node as a new subordinate node after the verification is successful, and updates the identity list.
CN202110194315.4A 2021-02-20 2021-02-20 Group communication method and system based on tree structure and asymmetric key pool Active CN115001723B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110194315.4A CN115001723B (en) 2021-02-20 2021-02-20 Group communication method and system based on tree structure and asymmetric key pool

Publications (2)

Publication Number Publication Date
CN115001723A true CN115001723A (en) 2022-09-02
CN115001723B CN115001723B (en) 2024-06-11

Family

ID=83018695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110194315.4A Active CN115001723B (en) 2021-02-20 2021-02-20 Group communication method and system based on tree structure and asymmetric key pool

Country Status (1)

Country Link
CN (1) CN115001723B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017100217A1 (en) * 2015-12-11 2017-06-15 Amazon Technologies, Inc. Key exchange through partially trusted third party
CN107204845A (en) * 2017-05-18 2017-09-26 郑州轻工业学院 Can be across the asymmetric group key agreement method of cluster in wireless sensor network
CN110166258A (en) * 2019-06-21 2019-08-23 郑州轻工业学院 The group key agreement method authenticated based on secret protection and attribute
CN110213044A (en) * 2019-05-15 2019-09-06 如般量子科技有限公司 Anti- quantum calculation HTTPS based on multiple unsymmetrical key ponds signs close communication means and system
CN110380859A (en) * 2019-05-30 2019-10-25 如般量子科技有限公司 Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system
CN110517040A (en) * 2019-07-02 2019-11-29 如般量子科技有限公司 Anti- quantum calculation block chain secure transactions method, system and equipment based on group's unsymmetrical key pond
CN110557248A (en) * 2019-07-19 2019-12-10 如般量子科技有限公司 Secret key updating method and system for resisting quantum computation signcryption based on certificateless cryptography
CN110572788A (en) * 2019-07-16 2019-12-13 如般量子科技有限公司 Wireless sensor communication method and system based on asymmetric key pool and implicit certificate
CN111416715A (en) * 2020-04-09 2020-07-14 南京如般量子科技有限公司 Quantum secret communication identity authentication system and method based on secret sharing
CN111447615A (en) * 2020-03-18 2020-07-24 重庆邮电大学 Key management method suitable for clustering wireless sensor network model

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117097488A (en) * 2023-10-19 2023-11-21 成都理工大学 Equipment group security verification method based on node path finding
CN117097488B (en) * 2023-10-19 2023-12-19 成都理工大学 Equipment group security verification method based on node path finding

Also Published As

Publication number Publication date
CN115001723B (en) 2024-06-11

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant