CN116132108B - Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key - Google Patents
Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key Download PDFInfo
- Publication number
- CN116132108B CN116132108B CN202211630095.6A CN202211630095A CN116132108B CN 116132108 B CN116132108 B CN 116132108B CN 202211630095 A CN202211630095 A CN 202211630095A CN 116132108 B CN116132108 B CN 116132108B
- Authority
- CN
- China
- Prior art keywords
- key
- dis
- bit
- shared
- users
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000009826 distribution Methods 0.000 title claims abstract description 39
- 239000003999 initiator Substances 0.000 claims abstract description 38
- 238000004590 computer program Methods 0.000 claims description 11
- 238000003860 storage Methods 0.000 claims description 11
- 230000006870 function Effects 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 abstract description 3
- 108010038447 Chromogranin A Proteins 0.000 abstract description 2
- 102100031186 Chromogranin-A Human genes 0.000 abstract description 2
- CPTIBDHUFVHUJK-NZYDNVMFSA-N mitopodozide Chemical compound C1([C@@H]2C3=CC=4OCOC=4C=C3[C@H](O)[C@@H](CO)[C@@H]2C(=O)NNCC)=CC(OC)=C(OC)C(OC)=C1 CPTIBDHUFVHUJK-NZYDNVMFSA-N 0.000 abstract description 2
- 238000004891 communication Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 230000004048 modification Effects 0.000 description 7
- 238000012986 modification Methods 0.000 description 7
- 238000004364 calculation method Methods 0.000 description 5
- 230000007774 longterm Effects 0.000 description 3
- 238000009795 derivation Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 229920002430 Fibre-reinforced plastic Polymers 0.000 description 1
- 240000006240 Linum usitatissimum Species 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000002131 composite material Substances 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000011151 fibre-reinforced plastic Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Lock And Its Accessories (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a method and a device for authentication and distribution of a general lightweight group key based on a pre-shared pairwise key, which specifically comprises the following steps: first, in the system initialization stage, U is selected 0 As system initiator, for other users U i Encoding to 2 i‑1 The method comprises the steps of carrying out a first treatment on the surface of the Then the phase of generating and broadcasting the public description bit string is carried out by U 1 And others and U 1 Users with the same character string of the previous bit of the shared key construct an n-1 bit description bit string Dis according to the serial numbers of the users and the serial numbers of the users j By traversing |K 0,i Obtaining the common description bit string SP I times Key Simultaneously calculating a pre-shared key K 0,1 Hash value SP of (1) Hash Rear U 0 To other users U i Broadcast SP Key And SP Hash The method comprises the steps of carrying out a first treatment on the surface of the Last U i By SPK ey And resolving the group Key Key, and finally obtaining the group Key Key through authentication. The present invention uses simple logical binary computation and is therefore a very lightweight group key distribution scheme. And the scheme only carries out one-time broadcasting, the traffic is (n-2) Key H (Key), and the transmission efficiency is improved.
Description
Technical Field
The invention relates to the technical field of secure communication such as Internet of things and Internet of vehicles, in particular to a universal lightweight group key authentication distribution method and device based on a pre-shared pairwise key.
Background
In secure communications, we need to share a one-time session key between all communicating participants. Most key distribution schemes allow only two users to share one key in conventional one-to-one communications. While some prior art papers propose such a scheme for group key distribution for multiple participants. Lein harr et al in 2020 proposed a lightweight group key distribution scheme based on pre-shared pairwise keys, the main operations of the proposed scheme being key comparison (i.e. logical exclusive or operation) between two or more keys and calculation of a key derivation function, the broad scheme of which can be based on any type of pairwise key distribution scheme; then they have proposed a general internet of vehicles lightweight group key distribution scheme based on logical operations in 2022, which is lightweight and suitable for P2P IoV communication applications because they only require logical operations.
Through the above analysis, the current general lightweight group key authentication distribution scheme of pre-sharing the pairwise key, though lightweight, still has a shortage in security, and communication efficiency still remains to be improved.
Disclosure of Invention
The invention provides a method and a device for authentication and distribution of a universal lightweight group key based on a pre-shared pairwise key, which are used for solving or at least partially solving the technical problems of low safety and communication efficiency in the prior art.
In order to solve the technical problems, the invention adopts the following technical scheme:
the first aspect provides a method for distributing universal lightweight group key authentication based on a pre-shared pairwise key, comprising the following steps:
s1: selecting a user as an initiator, wherein a pre-shared paired key is arranged between the initiator and each of the other users;
s2: the method comprises the steps that an initiator generates public information according to a pre-shared paired key with each other user, calculates a public hash value of the pre-shared paired key with a first user, and broadcasts the generated public information and the public hash value to other users, wherein the public information is described by adopting binary character strings;
s3: other users than the sponsor generate a group key from the received public information and the public hash value.
In one embodiment, step S1 includes:
s1.1: selecting U 0 As system sponsor, the rest n-1 users are U respectively 1 、...、U n-1 N is allTotal number of users;
s1.2: using n-1 bit strings for user U 1 、…、U n-1 Coding is performed for user U i The ith bit of the n-1 bit string is 1, and all the other bits are 0, wherein i is the user number, thus obtaining the user U i The code of (2) is:a pre-shared pairwise key between the initiator and each of the remaining users of K 0, I=1, 2 … n-1, where all pre-shared pairwise keys are equal in length, i.e., |k 0, |=K 0, |=…=|K 0, |。
In one embodiment, step S2 includes:
s2.1: initializing a common description bit string SP Key The bit string length is (-1) |, wherein |Key|= |K 0, |,| 0, I is U 0 And U i Between pairwise shared secret key K 0, I is the user number, i=1, 2 … n-1, n is the total number of all users;
s2.2: sponsor U 0 Scanning sequentially with other users U i Is a shared key K of (2) 0, Each bit of the scan range j is 1 to |K 0, I.e. j will go | 0, Cycle, U in each cycle 0 First extracting U 1 Is encoded as an initial bit string Dis 1,j Then sequentially access divide U 1 All users outside pre-share j-th bit of paired key, U 0 By judging K 0, (j) The j-th bit, K, of the pre-shared pairwise key with other 0, (j) Whether or not the values of the bit strings are equal is determined, wherein k is the user number, k= … n-1, and if the judgment is successful, the user code is compared with the bit string Dis obtained by the last user through judgment k-1,j Exclusive or operation is performed to obtain a result as a bit string Dis k,j Or else directly send Dis k-1,j Assigned to Dis k,j Up to Dis k,j When k=n-1, SP is finally generated Key () Description bit string Dis of (2) j I.e. Dis j =Dis n-1,j =P Key () The method comprises the steps of carrying out a first treatment on the surface of the Using SP j For all Diss in turn j Connection is carried out to obtain the final public description bit string SP Key As generated common information; wherein K is 0, () Is U (U) 0 And U i Bit value of jth bit of pre-shared pairwise key between SP Key () Describing bit strings for group j, SP j Dis for the bit string result from the jth connection i,j Dis when i=1 i,j Namely U 1 When i takes other values, dis i,j Is U 0 By judging K 0, (j) And K is equal to 0, (j) Whether or not equal to the result value, dis j Is SP Key A description bit string of (2);
s2.3: computing a pre-shared key K 0, Public hash value SP of (1) Hash =(K 0, ),K 0, Is U (U) 0 With the first user U 1 Is a hash function;
S2.4::U 0 public description bit string SP Key And a public hash value SP Hash Broadcast to the remaining users U i The traffic is (n-1) |Key|+|H (Key) |.
In one embodiment, step S2.2 comprises:
s2.2.1: defining a parameter k, k for describing the user, k= {2, …, n-1};
s2.2.2: at the beginning of each cycle, U 0 All first to parameter Dis 1, Assigning Dis 1, =Code(U 1 ),Dis 1, The length is n-1;
s2.2.3: from user U 2 Starting, K loops are n-2 times, and judging K in each loop 0, (j)==K 0, () Whether or not it is true, judging the shared key K of each user 0,k Whether the j-th bit is equal to K 0,1 The j-th bit of (2) is calculated after judgment, and the obtained result is used as a bit string Dis k,j Up to k=n-1, calculating Dis j =Dis n-1,j ;
S2.2.4: each time a Dis is obtained j After that, SP when j=1 j =is j When j is other value, calculate SP j =P j-1 || j Through U 0 Connect and combine SPs j-1 And Dis j As a result, SP j Wherein SP is j-1 || j Representing two bit strings SP j-1 、Dis j Is connected with the operation of the connecting device;
s2.2.5: after j loops are finished, i.e. each bit of all users is scanned to obtain j= |k 0,i |,U 0 Connect and combine |K 0,i I Diss j Calculate SP Key =SP j ,U 0 Obtaining the final public description bit string SP Key 。
In one embodiment, dis in step S2.2.3 k,j The determining mode of (2) comprises the following steps:
s2.2.3.1: when judging equation K 0,k (j)==K 0,1 (j) When established, calculateNamely Dis k-1,j And Code (U) k ) As Dis k,j ;
S2.2.3.2: when the judgment equation is not satisfied, dis k,j =Dis k-1,j 。
In one embodiment, step S3 includes:
S3.1:U i receiving SP Key And SP Hash Back pair SP Key Resolving to define a value range of 1 to j of a parameter j
S3.2:U i First initialize a description bit string D j =SP Key (j*1)…SP Key (j*(n-1)),SP Key (j.1) denotes SP Key (j) Bit value of 1 st, SP Key (j (n-1)) is SP Key (j) The n-1 bit value can obtain D j =Dis j ;
S3.3:U i According to D j The value of the ith bit calculates the group Key Key and analyzes the SP Key All D of (2) j U is obtained after the ith bit of (2) i Wherein the Key is determined by: s3.3.1: if D j If the i bit is 1, key (j) =K is calculated 0,i (j) The j-th bit of Key and K 0,i Is equal to the j-th bit value of (c); if D j The ith bit is 0, then calculateI.e. the j-th bit of Key is K 0,i Is inverted from the j-th bit value of (c).
In one embodiment, the method further comprises:
determining whether H (Key) is equal to SP Hash If the authentication is equal, the authentication is successful, the group Key Key is obtained, and if the authentication is not successful, the authentication is failed.
Based on the same inventive concept, a second aspect of the present invention provides a generic lightweight group key authentication distribution device based on a pre-shared pairwise key, comprising:
the initialization module is used for selecting one user as an initiator, wherein a preshared paired key is arranged between the initiator and each other user;
the public information generation and distribution module is used for generating public information according to the pre-shared paired key with each other user through an initiator, calculating a public hash value of the pre-shared paired key with the first user, and broadcasting the generated public information and the public hash value to other users through the initiator, wherein the public information is described by adopting a binary character string;
and the group key generation module is used for generating a group key according to the received public information and the public hash value by other users except the initiator.
Based on the same inventive concept, a third aspect of the present invention provides a computer-readable storage medium having stored thereon a computer program which, when executed, implements the method of the first aspect.
Based on the same inventive concept, a fourth aspect of the present invention provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, said processor implementing the method according to the first aspect when executing said program.
Compared with the prior art, the invention has the following advantages and beneficial technical effects:
the invention provides a universal lightweight group key authentication distribution method based on a pre-shared paired key, which comprises the steps of firstly generating a pre-shared paired key between any pair of members in a system initialization stage, and selecting U 0 As system initiator, for other users U i Encoding to 2 i-1 The method comprises the steps of carrying out a first treatment on the surface of the Then the phase of generating and broadcasting public information is carried out by U 1 And others and U 1 Users with the same character string of the previous bit of the shared key construct an n-1 bit public bit string Dis according to the serial numbers of the users and the serial numbers of the users j By traversing |K 0, Obtaining the common description bit string SP I times Key Simultaneously calculating a pre-shared key K 0, Hash value SP of (1) Hash Rear U 0 To other users U i Broadcast SP Key And SP Hash The method comprises the steps of carrying out a first treatment on the surface of the Last U i By SP Key And resolving the group Key Key, and finally obtaining the group Key Key through authentication. The present invention uses simple logical binary computation and is therefore a very lightweight group key distribution scheme. And the scheme only carries out one-time broadcasting, the traffic is (n-2) Key H (Key), and the transmission efficiency is improved. In this scheme, an attacker can obtain the SP Key And SP Hash But not all pre-shared pairwise keys. Therefore, the attacker cannot obtain any information of the group Key Key, and the scheme is quite safe.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a model diagram of a method for generic lightweight group key authentication distribution based on pre-shared pairwise keys provided by an embodiment of the present invention;
FIG. 2 is a block diagram of a generic lightweight group key authentication distribution device based on a pre-shared pairwise key according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a computer readable storage medium according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The invention provides a universal lightweight group key authentication distribution method based on a pre-shared pairwise key, which is an authentication lightweight group key distribution scheme. In the scheme of the invention, it is assumed that a pair of keys is already shared between any pair of members in the group. The scheme aims to establish a group key for all users in a broadcast channel, so that a plurality of users share a key. The scheme comprises the following steps:
the number of users U, which is the number of users of the pre-established group key in the scheme is n 0 And other users U i Where i= {1,2, …, n-1}, U 0 Is a system sponsor.
Pre-shared pairwise key K 0, For system sponsor U 0 With the rest of the users U i A pre-shared pairwise key exists therebetween, wherein all pre-shared pairwise keys are equal in length, i.e. |K 0, |=K 0, |=…=|K 0, |。
Group shared Key Key, U 0 With the rest of the users U i Together, the group keys are co-generated.
Public description bit string SP Key From j common bit strings Dis j Composition of each Dis j Having n-1 bits and thus SP Key Length of (n-1) |K 0, | a. The invention relates to a method for producing a fibre-reinforced plastic composite. And is composed of U 0 Broadcast to other users, mainly used for generating the group shared Key Key. Wherein Dis j Mainly for describing a common description bit string SP Key J= {1, …, |k in this scheme 0, |}。
In the universal lightweight group key authentication distribution method based on the pre-shared pairwise key, the group key distribution scheme of the invention is based on the pairwise key pre-shared for all users, and uses a traditional Message Authentication Code (MAC) to provide authentication, and can be constructed on any pairwise key distribution scheme, wherein one member of the group members serves as an initiator and is responsible for distributing public information to all group members using the information to generate the group key in a non-interactive mode. Therefore, how to generate the public information is a key factor of the scheme of the present invention. The applicant optimizes the key distribution technology on the basis of previous researches from three aspects of safety, calculation and communication, and can effectively ensure the safety and communication efficiency of the scheme.
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
The embodiment of the invention provides a universal lightweight group key authentication distribution method based on a pre-shared pairwise key, which comprises the following steps:
s1: selecting a user as an initiator, wherein a pre-shared paired key is arranged between the initiator and each of the other users;
s2: the method comprises the steps that an initiator generates public information according to a pre-shared paired key with each other user, calculates a public hash value of the pre-shared paired key with a first user, and broadcasts the generated public information and the public hash value to other users, wherein the public information is described by adopting binary character strings;
s3: other users than the sponsor generate a group key from the received public information and the public hash value.
Referring to fig. 1, a model diagram of a generic lightweight group key authentication distribution method based on a pre-shared pairwise key according to an embodiment of the present invention is provided.
Specifically, the whole flow of the scheme of the invention is mainly divided into three phases, namely a system initialization phase, a phase of generating and broadcasting a public description bit string (public information) and a phase of generating a group key. Mainly comprises the following steps: system sponsor U 0 Other users U i 、U 0 In advance with the rest of the users U i Is a shared key K of (2) 0, Group Key, public description bit string SP Key In this scheme, i= {1,2, …, n-1}. Implementation of the scheme aims at n users U 0 、U 1 、...、U n-1 And obtaining the shared group Key Key. The main process is U 0 As system initiator, is pre-connected with other users U i Possession of shared secret key K 0, According to rule U 0 Generating SP Key And calculate K 0, Public hash value SP of (1) Hash The backward system broadcasts, each user analyzes the SP according to the shared key Key And obtaining a group Key Key through authentication.
In one embodiment, step S1 includes:
s1.1: selecting U 0 As system sponsor, the rest n-1 users are U respectively 1 、...、U n-1 N is the total number of all users;
s1.2: using n-1 bit strings for user U 1 、…、U n-1 Coding is performed for user U i The ith bit of the n-1 bit string is 1, and all the other bits are 0, wherein i is the user number, thus obtaining the user U i The code of (2) is:a pre-shared pairwise key between the initiator and each of the remaining users of K 0, I=1, 2 … n-1, where all pre-shared pairwise keys are equal in length, i.e., |k 0, |=K 0, |=…=|K 0, |。
In one embodiment, step S2 includes:
s2.1: initializing a common description bit string SP Key The bit string length is (-1) |, wherein |Key|= |K 0, |,| 0, I is U 0 And U i Between pairwise shared secret key K 0, N is the total number of all users;
s2.2: sponsor U 0 Scanning sequentially with other users U i Is a shared key K of (2) 0, Each bit of the scan range j is 1 to |K 0, I.e. j will go | 0, Circulation. In each cycle, U 0 First extracting U 1 Is encoded as an initial bit string Dis 1,j . Re-sequential access divide U 1 All users outside pre-share j-th bit of paired key, U 0 By judging K 0, (j) The j-th bit, K, of the pre-shared pairwise key with other 0, (j) Whether or not the values of the bit strings are equal is determined, wherein k is the user number, k= … n-1, and if the judgment is successful, the user code is compared with the bit string Dis obtained by the last user through judgment k-1,j Exclusive or operation is performed to obtain a result as a bit string Dis k,j Or else directly send Dis k-1,j Assigned to Dis k,j Up to Dis k,j When k=n-1, SP is finally generated Key () Description bit string Dis of (2) j I.e. Dis j =Dis n-1,j =P Key (). Using SP j For all Diss in turn j Connection is carried out to obtain the final public description bit string SP Key As generated common information. Wherein K is 0, () Is U (U) 0 And U i Bit value of jth bit of pre-shared pairwise key between SP Key () Describing bit strings for group j, SP j Dis for the bit string result from the jth connection i,j Dis when i=1 i,j Namely U 1 When i takes other values, dis i,j Is U 0 By judging K 0, (j) And K is equal to 0, (j) Whether or not equal to the result value, dis j Is SP Key Description of (2)A bit string;
s2.3: computing a pre-shared key K 0, Public hash value SP of (1) Hash =(K 0, ),K 0, Is U (U) 0 With the first user U 1 Is a hash function;
S2.4::U 0 public description bit string SP Key And a public hash value SP Hash Broadcast to the remaining users U i The traffic is (n-1) |Key|+|H (Key) |.
Specifically, in the loop of step S2.2, each XOR is according to Dis k,j The former value is calculated, i.e. Dis k-1,j And U k The result of exclusive-or operation of the code of (a) is Dis k,j The last cycle, i.e. when k=n-1, gives SP Key The j-th group describes bit string Dis n-1, With Dis j And (3) representing.
Dis (Dis) j Namely SP Key SP of the first set of values of (1) Key Totally by j Diss j Composition of Dis j The result is obtained by judging the j-th bit value of each user with the j-th bit of the first user.
U 0 By judging K 0, () Determine Dis by determining whether the j-th bit of the shared key is equal to the other shared key k,j When all K of the current jth bit is accessed 0, Finally generate SP Key () Is of a common bit string Dis j Using SP j For all Diss in turn j Connection is carried out to obtain a final public description bit string SP Key 。
In one embodiment, step S2.2 comprises:
s2.2.1: defining a parameter k, k for describing the user, k= {2, …, n-1};
s2.2.2: at the beginning of each cycle, U 0 All first to parameter Dis 1, Assigning Dis 1, =Code(U 1 ),Dis 1, The length is n-1;
s2.2.3: from user U 2 Starting, K loops are n-2 times, and judging K in each loop 0, (j)==K 0, () Whether or not it is true, judging the shared key K of each user 0, Whether the j-th bit is equal to K 0, The j-th bit of (2) is calculated after judgment, and the obtained result is used as a bit string Dis k,j Until k=n-1, calculate j =Dis n-1,j ;
S2.2.4: each time a Dis is obtained j After that, SP when j=1 j =is j When j is other value, calculate SP j =P j-1 || j Through U 0 Connect and combine SPs j-1 And Dis j As a result, SP j Wherein SP is j-1 || j Representing two bit strings SP j-1 、Dis j Is connected with the operation of the connecting device;
s2.2.5: after j loops are finished, i.e. each bit of all users is scanned to obtain j= |k 0, |,U 0 Connect and combine |K 0, I Diss j Calculate SP Key =P j ,U 0 Obtaining the final public description bit string SP Key 。
Specifically, dis satisfies the judgment condition k,j Can be used to describe the user U who satisfies the judgment condition k Code (U) k ) And Dis k-1,j When j is equal to 1, dis is the result of exclusive OR operation j =Dis k,j ,Dis j Namely U 1 Is encoded by (a); and when j is greater than 1, dis j Is just a public description bit string SP Key Is the j-th bit group of (c). Dis does not satisfy the judgment condition k,j Is equal to Dis k-1,j . When judging U 1 Final Dis obtained by sharing the current jth bit of the pairwise key with all users j 。
In one embodiment, dis is determined in step S2.2.3 by the determination k,j Comprises:
s2.2.3.1: when judging equation K 0,k (j)==K 0,1 (j) When established, calculate Dis k,j =Dis k-1,j ⊕Code(U 1 ) I.e. Dis k-1,j And Code (U) k ) As Dis k,j ;
S2.2.3.2: when the judgment equation is not satisfied, dis k,j =Dis k-1,j . In one embodiment, step S3 includes:
S3.1:U i receiving SP Key And SP Hash Back pair SP Key Resolving to define a value range of 1 to j of a parameter j
S3.2:U i First initialize a description bit string D j =SP Key (j*1)…SP Key (j*(n-1)),SP Key (j.1) denotes SP Key (j) Bit value of 1 st, SP Key (j (n-1)) is SP Key (j) The n-1 bit value can obtain D j =Dis j ;
S3.3:U i According to D j The value of the ith bit calculates the group Key Key and analyzes the SP Key All D of (2) j U is obtained after the ith bit of (2) i Wherein the Key is determined by: if D j If the i bit is 1, key (j) =K is calculated 0,i (j) The j-th bit of Key and K 0,i Is equal to the j-th bit value of (c); if D j The ith bit is 0, then calculateI.e. the j-th bit of Key is K 0,i Is inverted from the j-th bit value of (c).
In one embodiment, the method further comprises:
determining whether H (Key) is equal to SP Hash If the authentication is equal, the authentication is successful, the group Key Key is obtained, and if the authentication is not successful, the authentication is failed.
The embodiment further provides an authentication method, which is used for judging whether authentication is successful or not by judging whether the calculated hash value is equal to the received public hash value, and only if authentication is successful, the group Key Key can be obtained.
For the purpose ofFor better understanding of the scheme, the invention provides two specific examples, wherein the number of users is 4 in the first example, and the number of users is 5 in the second example. In this example it is assumed that the pre-shared pairwise key and group key have only one bit, i.e. |K 0,1 |=|Key|=1。
In a group, there are four users { U ] 0 、U 1 、U 2 、U 3 },U 0 As a system initiator. { U 1 ,U 2 ,U 3 The code of {001,010,100}, the pre-shared pairwise key is { K } 0,1 ,K 0,2 ,K 0,3 All possible keys and their corresponding group keys are shown in table 1.
Table 1 all possible keys for four users and their corresponding group keys
| U 1 (K 0,1 ) | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 |
| U 2 (K 0,2 ) | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 |
| U 3 (K 0,3 ) | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 |
| SP Key | 111 | 011 | 101 | 001 | 001 | 101 | 011 | 111 |
| Key | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 |
In one group, there are five users { U ] 0 、U 1 、U 2 、U 3 、U 4 },U 0 As a system initiator. { U 1 、U 2 、U 3 、U 4 The codes of {0001,0010,0100,1000}, the pre-shared pairwise keys are { K }, respectively 0,1 ,K 0,2 ,K 0,3 ,K 0,4 }. All possible keys and their corresponding group keys are shown in table 2:
table 2 all possible keys for five users and their corresponding group keys
| U 1 (K 0,1 ) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| U 2 (K 0,2 ) | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 |
| U 3 (K 0,3 ) | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 |
| U 4 (K 0,4 ) | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 | 0 | 1 |
| SP Key | 1111 | 0111 | 1011 | 0011 | 1101 | 0101 | 1001 | 0001 | 0001 | 1001 | 0101 | 1101 | 0011 | 1011 | 0111 | 1111 |
| Key | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
The invention provides a general lightweight group key authentication distribution scheme based on a pre-shared pairwise key, wherein public information is described by introducing a binary character string. Assuming that the pairwise key between the initiator and the group member is only 1 bit, the present invention divides the group into two subgroups, one containing users with keys of 0 and the other containing users with keys of 1, so the common information is the two subgroups. The present invention introduces a common binary string of n-1 bits to describe both subgroups, where 0 represents one subgroup and 1 represents the other subgroup. Removing systemOther group members outside the system sponsor are numbered {1, …, n-1}, and the corresponding codes are {2 ] 1-1 ,…,2 n-1 -n-1 binary strings; then, by U 1 And others and U 1 The users with the same current character string of the shared key construct an n-1 bit public description bit string SP according to the logical exclusive OR Key If the paired key has multiple bits, the length of the key is circulated according to the steps, and then the pre-shared key K is calculated 0, Hash value SP of (1) Hash 。U 0 Broadcasting SPs to each user Key And SP Hash . After obtaining these two messages, each user U i Can all be in SP by oneself Key The ith bit of the code is used for resolving the group Key Key, namely if the value is 1, K is taken 0,i (j) As a group Key Key (j), conversely K is to be taken as 0, (j) The inverse is taken as the group Key (j). After obtaining Key, H (Key) =sp is determined Hash If the group Key is established, the authentication is successful, and the group Key is obtained.
From the present invention, two examples can be given that the value of the group Key Key is equal to K 0, While before the scheme is run, the key distributor U 0 Knows K 0,1 . Thus, the scheme of the invention introduces a traditional Message Authentication Code (MAC) and proposes U 0 By calculating K 0, As MAC, and uses SP Key Broadcasting is performed. Because the attacker does not know K 0,1 So he does not forge a memory with a valid hash value K 0,1 Is a message of (a). The scheme of the present invention uses a non-interactive conventional Message Authentication Code (MAC) to provide authentication, yet is very efficient.
In this scheme, an attacker can obtain the SP Key And SP Hash But not all pre-shared pairwise keys. SP (service provider) Key Revealing only whether one bit of a user's pair of keys is associated with K 0,1 The corresponding bits are identical, but the secret of the pairwise key is not revealed. Therefore, an attacker cannot know any information of the group Key Key, and the scheme is quite safe.
In summary, the key distribution technology provided by the invention is respectively from three parties of security, calculation and communicationThe facets are optimized. In the aspect of security, MAC is introduced to provide authentication, so that security certification is carried out on the scheme in a calculation mode; computationally, simple logical binary computations, such as XOR and Neg, are employed, so it is a very lightweight group key distribution scheme; in communication, the scheme of the present invention only performs one broadcast because the present invention calculates the SP Key When Dis is always set 1, =Code(U 1 ) = … 01 because the calculation of the invention is based on the pairwise key K 0, Each bit K of (2) 0, () Thus for each j the initiator does not need to broadcast Dis j Since all group members know that it is bit 1, which means that a binary string of n-2 is sufficiently encoded. By the method, the communication of the scheme of the invention can be reduced to (n-2) Key I++ H (Key), and the transmission efficiency is improved.
The aim of the proposed solution is to generate a one-time group key in a group of more than two members based on a pre-shared pairwise key. If these pre-shared keys are long-term keys, a Key Derivation Function (KDF) may be applied to these long-term keys to derive one-time pairwise keys in order to protect their security. Before invoking the scheme of the invention, the initiator runs a KDF, and initially derives a one-time pairwise key from the long-term pairwise keys of other members, some random nonces, and each member.
Example two
Based on the same inventive concept, this embodiment provides a generic lightweight group key authentication distribution device based on a pre-shared pairwise key, please refer to fig. 2, which includes:
an initialization module 201, configured to select a user as an initiator, where a pre-shared pairwise key is provided between the initiator and each of the other users;
a public information generating and distributing module 202, configured to generate public information according to a pre-shared pairwise key with each other user by an initiator, and calculate a public hash value of the pre-shared pairwise key with the first user, where the initiator broadcasts the generated public information and the public hash value to the other users, and the public information is described by using a binary string;
the group key generation module 203 is configured to generate a group key according to the received public information and the public hash value by other users except the initiator.
Since the device described in the second embodiment of the present invention is a device used for implementing the method for authentication and distribution of a generic lightweight group key based on a pre-shared pairwise key in the first embodiment of the present invention, based on the method described in the first embodiment of the present invention, a person skilled in the art can understand the specific structure and modification of the device, and therefore, the details are not repeated here. All devices used in the method of the first embodiment of the present invention are within the scope of the present invention.
Example III
Based on the same inventive concept, please refer to fig. 3, the present invention further provides a computer readable storage medium 300, on which a computer program 311 is stored, which when executed implements the method as described in embodiment one.
Since the computer readable storage medium described in the third embodiment of the present invention is a computer readable storage medium used for implementing the method for authentication and distribution of a generic lightweight group key based on a pre-shared pairwise key in the first embodiment of the present invention, a person skilled in the art can understand the specific structure and variations of the computer readable storage medium based on the method described in the first embodiment of the present invention, and therefore, the details are not repeated here. All computer readable storage media used in the method according to the first embodiment of the present invention are included in the scope of protection.
Example IV
Based on the same inventive concept, the present application also provides a computer device, as shown in fig. 4, including a memory 401, a processor 402, and a computer program 403 stored in the memory and capable of running on the processor, where the processor executes the program to implement the method in the first embodiment.
Because the computer device described in the fourth embodiment of the present invention is a computer device used for implementing the method for authentication and distribution of a generic lightweight group key based on a pre-shared pairwise key in the first embodiment of the present invention, based on the method described in the first embodiment of the present invention, a person skilled in the art can understand the specific structure and the modification of the computer device, and therefore, the description thereof is omitted here. All computer devices used in the method of the first embodiment of the present invention are within the scope of the present invention.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims and the equivalents thereof, the present invention is also intended to include such modifications and variations.
Claims (7)
1. The universal lightweight group key authentication distribution method based on the pre-shared pairwise key is characterized by comprising the following steps:
s1: selecting a user as an initiator, wherein a pre-shared paired key is arranged between the initiator and each of the other users;
s2: the method comprises the steps that an initiator generates public information according to a pre-shared paired key with each other user, calculates a public hash value of the pre-shared paired key with a first user, and broadcasts the generated public information and the public hash value to other users, wherein the public information is described by adopting binary character strings;
s3: generating a group key by other users except the initiator according to the received public information and the public hash value;
wherein, step S1 includes:
s1.1: selecting U 0 As system sponsor, the rest n-1 users are U respectively 1 、...、U n-1 N is the total number of all users;
s1.2: using n-1 bit strings for user U 1 、…、U n-1 Coding is performed for user U i The ith bit of the n-1 bit string is 1, and all the other bits are 0, wherein i is the user number, thus obtaining the user U i The code of (2) is:a pre-shared pairwise key between the initiator and each of the remaining users of K 0,i I=1, 2..n-1, where all pre-shared pairwise key lengths are equal, i.e., |k 0,1 |=|K 0,2 |=…=|K 0,i |;
The step S2 comprises the following steps:
s2.1: initializing a common description bit string SP Key The bit string length is (n-1) Key, wherein Key K is = |K 0,i |,|K 0,i I is U 0 And U i Between pairwise shared secret key K 0,i I is the user number, i=1, 2..n-1, n is the total number of all users;
s2.2: sponsor U 0 Scanning sequentially with other users U i Is a shared key K of (2) 0,i Each bit of the scan range j is 1 to |K 0,i I.e. j will go on |K 0,i Cycle, U in each cycle 0 First extracting U 1 Is encoded as an initial bit string Dis 1,j Then sequentially access divide U 1 All users outside pre-share j-th bit of paired key, U 0 By judging K 0,1 (j) The j-th bit, K, of the pre-shared pairwise key with other 0,k (j) Whether equal or not to determine the value of the bit string, where k is the user number, k=2..n-1, and if the determination is successful, comparing the user's code with the bit string Dis obtained by the last user through the determination k-1,j Exclusive or operation is performed to obtain a result as a bit string Dis k,j Or else directly send Dis k-1,j Assigned to Dis k,j Up to Dis k,j When k=n-1, SP is finally generated Key (j) Description bit string Dis of (2) j I.e. Dis j =Dis n-1,j =SP Key (j) The method comprises the steps of carrying out a first treatment on the surface of the Using SP j For all Diss in turn j Connection is carried out to obtain the final public description bit string SP Key As generated common information; wherein K is 0,i (j) Is U (U) 0 And U i Bit value of jth bit of pre-shared pairwise key between SP Key (j) Describing bit strings for group j, SP j Dis for the bit string result from the jth connection i,j Dis when i=1 i,j Namely U 1 When i takes other values, dis i,j Is U 0 By judging K 0,1 (j) And K is equal to 0,i (j) Whether or not equal to the result value, dis j Is SP Key A description bit string of (2);
s2.3: computing a pre-shared key K 0,1 Public hash value SP of (1) Hash =H(K 0,1 ),K 0,1 Is U (U) 0 With the first user U 1 Is a hash function;
S2.4:U 0 public description bit string SP Key And a public hash value SP Hash Broadcast to the remaining users U i The traffic is (n-1) |Key|+|H (Key) |;
the step S3 comprises the following steps:
S3.1:U i receiving SP Key And SP Hash Back pair SP Key Resolving to define a value range of 1 to j of a parameter j
S3.2:U i First initialize a description bit string D j =SP Key (j*1)...SP Key (j*(n-1)),SP Key (j.1) denotes SP Key (j) Bit value of 1 st, SP Key (j (n-1)) is SP Key (j) The n-1 bit value can obtain D j =Dis j ;
S3.3:U i According to D j The value of the ith bit calculates the group Key Key and analyzes the SP Key All D of (2) j U is obtained after the ith bit of (2) i Wherein the Key is determined by: if D j If the i bit is 1, key (j) =K is calculated 0,i (j) The j-th bit of Key and K 0,i Is equal to the j-th bit value of (c); if D j The ith bit is 0, then calculateI.e. the j-th bit of Key is K 0,i Is inverted from the j-th bit value of (c).
2. The method for generic lightweight group key authentication distribution based on pre-shared pairwise keys of claim 1, wherein step S2.2 comprises:
s2.2.1: defining a parameter k, k for describing the user, k= {2, n-1};
s2.2.2: at the beginning of each cycle, U 0 All first to parameter Dis 1,j Assigning Dis 1,j =Code(U 1 ),Dis 1,j The length is n-1;
s2.2.3: from user U 2 Starting, K loops are n-2 times, and judging K in each loop 0,k (j)==K 0,1 (j) Whether or not it is true, judging the shared key K of each user 0,k Whether the j-th bit is equal to K 0,1 The j-th bit of (2) is calculated after judgment, and the obtained result is used as a bit string Dis k,j Up to k=n-1, calculating Dis j =Dis n-1,j ;
S2.2.4: each time a Dis is obtained j After that, SP when j=1 j =Dis j When j is other value, calculate SP j =SP j-1 ||Dis j Through U 0 Connect and combine SPs j-1 And Dis j As a result, SP j Wherein SP is j-1 ||Dis j Representing two bit strings SP j-1 、Dis j Is connected with the operation of the connecting device;
s2.2.5: after j loops are finished, i.e. each bit of all users is scanned to obtain j= |k 0,i |,U 0 Connect and combine |K 0,i I Diss j Calculate SP Key =SP j ,U 0 Obtaining the final public description bit string SP Key 。
3. The method for generic lightweight group key authentication distribution based on pre-shared pairwise keys of claim 1, wherein Dis in step S2.2.3 k,j The determination mode of (2) comprises the following steps:
s2.2.3.1: when judging equation K 0,k (j)==K 0,1 (j) When established, calculateNamely Dis k-1,j And Code (U) k ) As Dis k,j ;
S2.2.3.2:When the judgment equation is not satisfied, dis k,j =Dis k-1,j 。
4. The pre-shared pairwise key based generic lightweight group key authentication assignment method of claim 1, further comprising:
determining whether H (Key) is equal to SP Hash If the authentication is equal, the authentication is successful, the group Key Key is obtained, and if the authentication is not successful, the authentication is failed.
5. A universal lightweight group key authentication distribution device based on a pre-shared pairwise key, comprising:
the initialization module is used for selecting one user as an initiator, wherein a preshared paired key is arranged between the initiator and each other user;
the public information generation and distribution module is used for generating public information according to the pre-shared paired key with each other user through an initiator, calculating a public hash value of the pre-shared paired key with the first user, and broadcasting the generated public information and the public hash value to other users through the initiator, wherein the public information is described by adopting a binary character string;
the group key generation module is used for generating a group key according to the received public information and the public hash value by other users except the initiator;
the initialization module is specifically configured to execute the following steps:
s1.1: selecting U 0 As system sponsor, the rest n-1 users are U respectively 1 、...、U n-1 N is the total number of all users;
s1.2: using n-1 bit strings for user U 1 、...、U n-1 Coding is performed for user U i The ith bit of the n-1 bit string is 1, and all the other bits are 0, wherein i is the user number, thus obtaining the user U i The code of (2) is:a pre-shared pairwise key between the initiator and each of the remaining users of K 0,i I=1, 2..n-1, where all pre-shared pairwise key lengths are equal, i.e., |k 0,1 |=|K 0,2 |=…=|K 0,i |;
The public information generation and distribution module is specifically configured to execute the following steps:
s2.1: initializing a common description bit string SP Key The bit string length is (n-1) Key, wherein Key K is = |K 0,i |,|K 0,i I is U 0 And U i Between pairwise shared secret key K 0,i I is the user number, i=1, 2..n-1, n is the total number of all users;
s2.2: sponsor U 0 Scanning sequentially with other users U i Is a shared key K of (2) 0,i Each bit of the scan range j is 1 to |K 0,i I.e. j will go on |K 0,i Cycle, U in each cycle 0 First extracting U 1 Is encoded as an initial bit string Dis 1,j Then sequentially access divide U 1 All users outside pre-share j-th bit of paired key, U 0 By judging K 0,1 (j) The j-th bit, K, of the pre-shared pairwise key with other 0,k (j) Whether equal or not to determine the value of the bit string, where k is the user number, k=2..n-1, and if the determination is successful, comparing the user's code with the bit string Dis obtained by the last user through the determination k-1,j Exclusive or operation is performed to obtain a result as a bit string Dis k,j Or else directly send Dis k-1,j Assigned to Dis k,j Up to Dis k,j When k=n-1, SP is finally generated Key (j) Description bit string Dis of (2) j I.e. Dis j =Dis n-1,j =SP Key (j) The method comprises the steps of carrying out a first treatment on the surface of the Using SP j For all Diss in turn j Connection is carried out to obtain the final public description bit string SP Key As generated common information; wherein K is 0,i (j) Is U (U) 0 And U i Bit value of jth bit of pre-shared pairwise key between SP Key (j) The bit string is described for the j-th group,SP j dis for the bit string result from the jth connection i,j Dis when i=1 i,j Namely U 1 When i takes other values, dis i,j Is U 0 By judging K 0,1 (j) And K is equal to 0,i (j) Whether or not equal to the result value, dis j Is SP Key A description bit string of (2);
s2.3: computing a pre-shared key K 0,1 Public hash value SP of (1) Hash =H(K 0,1 ),K 0,1 Is U (U) 0 With the first user U 1 Is a hash function;
S2.4:U 0 public description bit string SP Key And a public hash value SP Hash Broadcast to the remaining users U i The traffic is (n-1) |Key|+|H (Key) |;
the group key generation module is specifically configured to perform the following steps:
S3.1:U i receiving SP Key And SP Hash Back pair SP Key Resolving to define a value range of 1 to j of a parameter j
S3.2:U i First initialize a description bit string D j =SP Key (j*1)...SP Key (j*(n-1)),SP Key (j.1) denotes SP Key (j) Bit value of 1 st, SP Key (j (n-1)) is SP Key (j) The n-1 bit value can obtain D j =Dis j ;
S3.3:U i According to D j The value of the ith bit calculates the group Key Key and analyzes the SP Key All D of (2) j U is obtained after the ith bit of (2) i Wherein the Key is determined by: if D j If the i bit is 1, key (j) =K is calculated 0,i (j) The j-th bit of Key and K 0,i Is equal to the j-th bit value of (c); if D j The i-th bit is 0 and,then calculateI.e. the j-th bit of Key is K 0,i Is inverted from the j-th bit value of (c).
6. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when executed, implements the method according to any one of claims 1 to 4.
7. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 4 when the program is executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211630095.6A CN116132108B (en) | 2022-12-19 | 2022-12-19 | Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211630095.6A CN116132108B (en) | 2022-12-19 | 2022-12-19 | Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116132108A CN116132108A (en) | 2023-05-16 |
| CN116132108B true CN116132108B (en) | 2024-04-12 |
Family
ID=86307164
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211630095.6A Active CN116132108B (en) | 2022-12-19 | 2022-12-19 | Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116132108B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20100096618A (en) * | 2009-02-25 | 2010-09-02 | 성균관대학교산학협력단 | Method for group key distribution, and conditional access system using the method |
| CN102946313A (en) * | 2012-10-08 | 2013-02-27 | 北京邮电大学 | Model and method for user authentication for quantum key distribution network |
| CN108259185A (en) * | 2018-01-26 | 2018-07-06 | 湖北工业大学 | A kind of group key agreement system and method for group communication moderate resistance leakage |
| CN112953726A (en) * | 2021-03-01 | 2021-06-11 | 西安电子科技大学 | Method, system and application for fusing dual-layer satellite network satellite-ground and inter-satellite networking authentication |
| CN114553419A (en) * | 2022-03-24 | 2022-05-27 | 上海循态量子科技有限公司 | Quantum identity authentication method and system based on continuous variable quantum key distribution |
| WO2022111187A1 (en) * | 2020-11-30 | 2022-06-02 | 腾讯科技(深圳)有限公司 | Terminal authentication method and apparatus, computer device, and storage medium |
| CN115396887A (en) * | 2022-07-22 | 2022-11-25 | 西安电子科技大学 | Rapid and safe switching authentication method, device and system for high-speed mobile terminal |
-
2022
- 2022-12-19 CN CN202211630095.6A patent/CN116132108B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20100096618A (en) * | 2009-02-25 | 2010-09-02 | 성균관대학교산학협력단 | Method for group key distribution, and conditional access system using the method |
| CN102946313A (en) * | 2012-10-08 | 2013-02-27 | 北京邮电大学 | Model and method for user authentication for quantum key distribution network |
| CN108259185A (en) * | 2018-01-26 | 2018-07-06 | 湖北工业大学 | A kind of group key agreement system and method for group communication moderate resistance leakage |
| WO2022111187A1 (en) * | 2020-11-30 | 2022-06-02 | 腾讯科技(深圳)有限公司 | Terminal authentication method and apparatus, computer device, and storage medium |
| CN112953726A (en) * | 2021-03-01 | 2021-06-11 | 西安电子科技大学 | Method, system and application for fusing dual-layer satellite network satellite-ground and inter-satellite networking authentication |
| CN114553419A (en) * | 2022-03-24 | 2022-05-27 | 上海循态量子科技有限公司 | Quantum identity authentication method and system based on continuous variable quantum key distribution |
| CN115396887A (en) * | 2022-07-22 | 2022-11-25 | 西安电子科技大学 | Rapid and safe switching authentication method, device and system for high-speed mobile terminal |
Non-Patent Citations (3)
| Title |
|---|
| 一种高效的匿名口令认证密钥交换协议;阮鸥;王子豪;张明武;;中南民族大学学报(自然科学版);20180615(02);全文 * |
| 基于IPv6SSM组播的安全群密钥管理研究与实现;刘未, 刘旭东;计算机工程;20050805(08);全文 * |
| 基于秘密共享的组播密钥更新算法;赵龙泉;苏锦海;;计算机工程;20101105(21);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116132108A (en) | 2023-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109951443B (en) | Set intersection calculation method and system for privacy protection in cloud environment | |
| Shankar et al. | RGB-based secure share creation in visual cryptography using optimal elliptic curve cryptography technique | |
| Kim et al. | Constant-round authenticated group key exchange for dynamic groups | |
| JP2024045351A (en) | Computer-implemented system and method for performing computational task across group operating in trust-less or dealer-free manner | |
| Tiwari et al. | Novel method for DNA‐based elliptic curve cryptography for IoT devices | |
| CN113591146B (en) | Efficient and safe two-party computing system and computing method based on cooperation | |
| CN111819817A (en) | Method and system for block chain implementation for bilinear mapping accumulator-based authorization | |
| CN110709875A (en) | Method and system for establishing trusted peer-to-peer communication between nodes in a blockchain network | |
| CN107294696B (en) | Method for distributing full homomorphic keys for Leveled | |
| Zheng et al. | A communication–computation efficient group key algorithm for large and dynamic groups | |
| CN113489591B (en) | Traceable comparison attribute encryption method based on multiple authorization centers | |
| Vijayakumar et al. | Computation and communication efficient key distribution protocol for secure multicast communication | |
| CN103957101B (en) | Group key establishing method in group communication | |
| Desmedt et al. | Scalable authenticated tree based group key exchange for ad-hoc groups | |
| Yang et al. | A group key agreement protocol based on ecdh and short signature | |
| CN116132108B (en) | Universal lightweight group key authentication distribution method and device based on pre-shared pairwise key | |
| CN115473633B (en) | Method and device for generating SM2 digital signature by multiparty cooperation | |
| Choi et al. | ID-based authenticated group key agreement secure against insider attacks | |
| CN106487502B (en) | Lightweight key negotiation method based on password | |
| CN117155551A (en) | Secret information sharing method, system, equipment and storage medium | |
| CN114844649B (en) | Secret key distribution method containing trusted third party based on superlattice PUF | |
| CN105915340A (en) | Multi-receiver anonymous signcryption method based on Gu-Map1 multilinear mapping example on ideal lattice | |
| Zhang et al. | On the Construction and Analysis of Verifiable Multi-secret Sharing Based on Non-homogeneous Linear Recursion. | |
| KR20040053209A (en) | Public key cryptographic method based on braid groups | |
| Thanalakshmi et al. | A quantum resistant universal designated verifier signature proof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |