CN117527229A - Method for realizing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm

Publication number: CN117527229A
Authority: CN (China)
Prior art keywords: communication party, communication, party, key, signature
Legal status: Pending
Application number: CN202311715363.9A
Other languages: Chinese (zh)
Inventors: 邹翔, 梁皓, 徐威, 陈兵, 戴聪
Current Assignee: Third Research Institute of the Ministry of Public Security
Original Assignee: Third Research Institute of the Ministry of Public Security
Application filed by: Third Research Institute of the Ministry of Public Security
Priority: CN202311715363.9A

Classifications

    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/40 Network security protocols
    • H04L2209/46 Secure multiparty computation, e.g. millionaire problem
    • H04L2209/72 Signcrypting, i.e. digital signing and encrypting simultaneously

Abstract

The invention relates to a method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm, wherein the method comprises the following steps: (1) the communication party and the cooperative party generate identity authentication public-private key pairs and certificates using collaborative technology based on the domestic commercial cryptographic algorithm; (2) two communication parties exchanging information data complete identity authentication and communication key negotiation between them through the cooperative party; (3) the communication party and the cooperative party use the local signature certificate sub-private key and the remote signature certificate sub-private key of the communication party, which they respectively store, to perform authentication data signing on the random number R; (4) the communication party and the cooperative party use the local encryption certificate sub-private key and the remote encryption certificate sub-private key of the communication party, which they respectively store, to perform authentication data decryption on the authentication data ciphertext encrypted with the encryption certificate public key of the communication party. The method provided by the invention effectively improves the security and usability of identity authentication in a cloud environment.

Description

Method for realizing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm
Technical Field
The invention relates to the technical field of information security, in particular to the technical field of intersection of a cryptographic technology and information security, and particularly relates to a method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Background
Authentication and key agreement for users and devices in traditional network environments often rely on dedicated hardware security modules (Hardware Security Module, HSM), such as smart keys and cryptographic cards, for protection. In particular, the private key of the asymmetric key pair used for authentication needs to be stored inside the hardware security module to prevent it from being read or copied. However, under the virtualization, recycling and service conditions of the cloud environment, it is difficult to provide users and devices with dedicated hardware security modules. In the prior art, the private key is stored in software in the cloud environment, but whether it is stored on bare metal, in a virtual machine or in a container, it is difficult to prevent the private key from being copied or stolen; in addition, the certificate revocation list grows rapidly, so security is difficult to guarantee and practicality is poor.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a safe and reliable method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
In order to achieve the above purpose, the method of the invention for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm is mainly characterized by comprising the following processing steps:
(1) In the cloud environment, the communication party and the cooperative party generate identity authentication public-private key pairs and certificates using collaborative technology based on the domestic commercial cryptographic algorithm;
(2) Two communication parties for information data interaction complete identity authentication and communication key negotiation processing between the two communication parties through a cooperative party;
(3) The communication party and the cooperative party use the respectively stored local signature certificate sub-private key of the communication party and the remote signature certificate sub-private key of the communication party to carry out data signature authentication processing on the random number R for authentication;
(4) The communication party and the cooperative party use the respectively stored local encryption certificate sub-private key of the communication party and the remote encryption certificate sub-private key of the communication party to perform data decryption authentication processing on authentication data ciphertext encrypted by the encryption certificate public key of the communication party.
Preferably, the step (1) specifically includes:
the communication party and the cooperative party generate a signature certificate, a signature public-private key pair, an encryption certificate and an encryption public-private key pair which are required by the communication party in the identity authentication and key negotiation process based on an SM2 algorithm; wherein,
the communication party is a basic service unit of the cloud environment and comprises a bare metal server, a virtual machine, a container or a terminal, and the cooperative party is a hardware security module shared by all communication parties in the cloud environment.
Preferably, the signature public-private key pair and the signature certificate are generated in the following manner:
the communication party generates a random number D1, D1 ∈ [1, n-1], and D1 is used as the local signature certificate sub-private key of the communication party; the cooperative party generates a random number D2, D2 ∈ [1, n-1], and D2 is used as a signature certificate sub-private key of the communication party; the communication party calculates P1 = D1^{-1} [*] G, where D1^{-1} is the inverse element D1^{-1} mod n of D1 on the finite field Fq, [*] represents the elliptic curve point multiplication operation, and G is the base point of order n on the elliptic curve E, and sends P1 to the cooperative party; the cooperative party calculates P = D2^{-1} [*] P1 [-] G, where D2^{-1} is the inverse element D2^{-1} mod n of D2 on the finite field Fq and [-] represents the elliptic curve point subtraction operation, and returns P to the communication party; the communication party takes P as the public key of its signature certificate and has its signature certificate issued through a certificate issuing system.
Preferably, the encryption public and private key pair and the encryption certificate are generated in the following manner:
when the certificate issuing system issues a signature certificate, an encryption public and private key pair and an encryption certificate of the corresponding communication party are generated, the encryption certificate private key is encrypted and protected by a transmission key, and the transmission key is encrypted and protected by a signature certificate public key;
the communication party extracts C1 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k and calculates T1 = D1^{-1} [*] C1, where [*] represents the elliptic curve point multiplication operation, and sends T1 to the cooperative party; the cooperative party calculates T2 = D2^{-1} [*] T1 and returns T2 to the communication party;
the communication party calculates the point (x2, y2) = T2 [-] C1 on the elliptic curve and t = KDF(x2 || y2, klen), where [-] represents the elliptic curve point subtraction operation, KDF() is the key derivation function used by the SM2 algorithm, and t is the key derivation result; if t is not equal to 0, the communication party extracts C2 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K, calculates K = C2 ⊕ t, and calculates u = Hash(x2 || K || y2), where [+] represents the elliptic curve point addition operation and Hash represents a cryptographic hash function;
the communication party extracts C3 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K and compares C3 with u; if C3 is equal to u, K is the plaintext transmission key, and the communication party calls the plaintext transmission key to decrypt the encryption certificate private key ciphertext, obtaining the encryption certificate private key plaintext sk; the communication party generates a random number d1, d1 ∈ [1, n-1], and d1 is used as the local encryption certificate sub-private key of the communication party; the communication party searches and calculates d2 such that d2^{-1} * d1^{-1} - 1 = sk, and transmits d2 to the cooperative party; the cooperative party saves d2 as the remote encryption certificate sub-private key of the communication party.
Preferably, the step (2) specifically includes:
after the communication party A and the communication party B generate signature certificates, signature public and private keys, encryption certificates and encryption public and private keys of the communication party A and the communication party B through the cooperative party C, mutual identity authentication and communication key negotiation processing of the communication party A and the communication party B are completed, and the processing mechanism specifically comprises mutual identity authentication of the communication party and communication key negotiation processing.
Preferably, the mutual identity authentication of the communication parties is specifically:
the communication party A sends the signature certificate A1 and the encryption certificate A2 to the communication party B, the communication party B returns the signature certificate B1 and the encryption certificate B2 to the communication party A, and the communication party A and the communication party B respectively generate random numbers RA and RB; the communication party A and the cooperative party C complete the authentication data signature of RA to form Sig_priA(RA), and the communication party A calls the public key of the encryption certificate B2 to encrypt RA to form E_pubB(RA);
the communication party A sends E_pubB(RA) and Sig_priA(RA) to the communication party B; the communication party B and the cooperative party C complete the authentication data decryption of E_pubB(RA), and the communication party B calls the public key of the signature certificate A to verify the signature Sig_priA(RA); if the verification fails, the identity authentication of both parties fails; the communication party B and the cooperative party C complete the authentication data signature of RB to form Sig_priB(RB); the communication party B calls the public key of the encryption certificate A2 to encrypt RA and RB to form E_pubA(RA||RB); the communication party B returns E_pubA(RA||RB) and Sig_priB(RB) to the communication party A; the communication party A and the cooperative party C complete the authentication data decryption of E_pubA(RA||RB);
the communication party A calls the public key of the signature certificate B1 to verify the signature Sig_priB(RB); if the verification fails, the identity authentication of both parties fails.
Preferably, the communication key negotiation process is performed in the following manner, specifically:
after mutual identity authentication of the communication parties is completed, the communication party A and the communication party B respectively calculate a communication key SK=RA_RB; network communication data subsequently transferred by the communication party A and the communication party B are encrypted and protected by the communication key SK, and a hash value of plaintext communication data is added to the communication data so as to ensure the integrity of the communication data.
Preferably, the step (3) specifically includes:
the communication party calculates the message digest e = Hash(Z || R) of the random number R, where Z is the SM2 signature preprocessing data, calculated from the elliptic curve parameters, the signer identification and the public key; the communication party generates a random number k1, k1 ∈ [1, n-1], calculates Q1 = k1 [*] G, and sends the message digest e and Q1 to the cooperative party; the cooperative party generates a random number k2, k2 ∈ [1, n-1], and calculates Q2 = k2 [*] G; the cooperative party generates a random number k3, k3 ∈ [1, n-1], calculates the point (x1, y1) = k3 [*] Q1 [+] Q2 on the elliptic curve, and calculates r = x1 + e mod n; if r is not equal to 0, the cooperative party calculates s2 = D2 * k3 mod n and s3 = D2 * (r + k2) mod n using the remote signature certificate sub-private key D2 of the communication party, and returns r, s2 and s3 to the communication party; the communication party calculates s = (D1 * k1) * s2 + D1 * s3 - r mod n using its local signature certificate sub-private key D1, and if s is not equal to 0 and s is not equal to n - r, (r, s) is taken as the authentication data signature result.
Preferably, the step (4) specifically includes:
the communication party extracts C1 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, calculates T1 = d1^{-1} [*] C1 using its local encryption certificate sub-private key d1, and sends T1 to the cooperative party; the cooperative party calculates T2 = d2^{-1} [*] T1 using the remote encryption certificate sub-private key d2 of the communication party, and returns T2 to the communication party;
the communication party calculates the point (x2, y2) = T2 [-] C1 on the elliptic curve and calculates t = KDF(x2 || y2, klen); the communication party extracts C2 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, and calculates , and calculates u = Hash(x2 || M || y2); the communication party extracts C3 from the SM2 structure C1||C3||C2 of the authentication data ciphertext, compares C3 with u, and if C3 is equal to u, takes M as the decryption result of the authentication data ciphertext.
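The split-key flow described above for signature key generation, the encryption key split, step (3) and step (4), as an added example that is not part of the patent text: it checks that a signature produced jointly from D1 and D2 verifies under ordinary SM2 verification with P, and that the jointly recovered point (x2, y2) equals k [*] Penc. Assumptions: SHA-256 stands in for SM3, Z and R are constructed byte strings, the names Cooperator, Communicator, split_enc_key, shared_point and demo are hypothetical, and decryption stops at (x2, y2) because the KDF and C3 check that follow are unchanged SM2.

```python
import hashlib
import secrets

# SM2 recommended curve (sm2p256v1). Affine, non-constant-time arithmetic: illustration only.
P = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFF
A = P - 3
B = 0x28E9FA9E_9D9F5E34_4D5A9E4B_CF6509A7_F39789F5_15AB8F92_DDBCBD41_4D940E93
N = 0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_7203DF6B_21C6052B_53BBF409_39D54123
G = (0x32C4AE2C_1F198119_5F990446_6A39C994_8FE30BBF_F2660BE1_715A4589_334C74C7,
     0xBC3736A2_F4F6779C_59BDCEE3_6B692153_D0A9877C_C62A4740_02DF32E5_2139F0A0)

def add(p1, p2):                  # [+]; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def neg(pt):                      # X [-] Y is add(X, neg(Y))
    return None if pt is None else (pt[0], -pt[1] % P)

def mul(k, pt):                   # [*], double-and-add
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def rand_scalar(top=N - 1):       # uniform in [1, top]
    return secrets.randbelow(top) + 1

class Cooperator:                 # shared HSM; one D2/d2 pair here, one per party in practice
    def __init__(self):
        self.D2, self.d2, self.enabled = rand_scalar(), None, True
    def keygen(self, P1):         # P = D2^-1 [*] P1 [-] G
        return add(mul(pow(self.D2, -1, N), P1), neg(G))
    def cosign(self, e, Q1):      # step (3), cooperative party side
        if not self.enabled:
            raise PermissionError("remote sub-private key disabled")
        while True:
            k2, k3 = rand_scalar(), rand_scalar()
            pt = add(mul(k3, Q1), mul(k2, G))           # (x1, y1) = k3 [*] Q1 [+] Q2
            r = (pt[0] + e) % N if pt else 0
            if r:
                return r, self.D2 * k3 % N, self.D2 * (r + k2) % N   # r, s2, s3
    def codecrypt(self, T1):      # step (4): T2 = d2^-1 [*] T1
        if not self.enabled:
            raise PermissionError("remote sub-private key disabled")
        return mul(pow(self.d2, -1, N), T1)

class Communicator:               # cloud workload; keeps only D1/d1 after provisioning
    def __init__(self, hsm):
        self.hsm, self.D1 = hsm, rand_scalar()
        self.P_sig = hsm.keygen(mul(pow(self.D1, -1, N), G))    # P1 = D1^-1 [*] G
    def split_enc_key(self, sk):  # choose d1, solve d2^-1 * d1^-1 - 1 = sk for d2
        self.d1 = rand_scalar()
        self.hsm.d2 = pow((sk + 1) * self.d1 % N, -1, N)
    def sign(self, e):            # step (3), communication party side
        while True:
            k1 = rand_scalar()
            r, s2, s3 = self.hsm.cosign(e, mul(k1, G))          # Q1 = k1 [*] G
            s = (self.D1 * k1 * s2 + self.D1 * s3 - r) % N
            if s != 0 and s != N - r:
                return r, s
    def shared_point(self, C1):   # step (4): (x2, y2) = T2 [-] C1
        T2 = self.hsm.codecrypt(mul(pow(self.d1, -1, N), C1))
        return add(T2, neg(C1))

def sm2_verify(pub, e, sig):      # ordinary single-key SM2 verification
    r, s = sig
    if not (0 < r < N and 0 < s < N) or (r + s) % N == 0:
        return False
    pt = add(mul(s, G), mul(r + s, pub))
    return pt is not None and (e + pt[0]) % N == r

def demo():
    a = Communicator(Cooperator())
    # e = Hash(Z || R): SHA-256 stands in for SM3; Z and R are constructed values
    e = int.from_bytes(hashlib.sha256(b"Z-constructed" + b"R-constructed").digest(), "big")
    sig_ok = sm2_verify(a.P_sig, e, a.sign(e))
    sk = rand_scalar(N - 2)       # stands in for the issued encryption certificate private key
    a.split_enc_key(sk)
    k = rand_scalar()             # sender's ephemeral k, so C1 = k [*] G
    dec_ok = a.shared_point(mul(k, G)) == mul(k, mul(sk, G))    # k [*] Penc
    a.hsm.enabled = False         # revocation: disable the remote sub-private key
    try:
        a.sign(e)
    except PermissionError:
        return sig_ok, dec_ok, True
    return sig_ok, dec_ok, False
if __name__ == "__main__":
    print(demo())                 # (True, True, True)
```

The signing private key (D1 * D2)^{-1} - 1 is never assembled by either side, and once the cooperative party's flag is cleared a holder of D1 alone can no longer produce a signature.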
The method for realizing multiparty collaborative identity authentication and key negotiation processing in the cloud environment based on the domestic commercial cryptographic algorithm realizes the secure generation and storage of the keys of various communication subjects in the cloud environment, establishes the mutual identity authentication and the secure channel between the communication subjects, can solve the problem that the hardware security module is difficult to store the keys in the cloud environment, prevents the keys from being revealed or illegally used in the use process, and effectively improves the security and usability of the identity authentication in the cloud environment.
Meanwhile, the identity authentication public-private key pair and certificate generation mechanism generates the signature certificate private key and the encryption certificate private key as sub-private keys that are stored in a distributed manner at different locations, so that the private key cannot be invoked without authorization when the key at either end is stolen, which improves the security of the key; the identity authentication and key negotiation mechanism defines the mutual identity authentication and communication key negotiation flow between communication subjects, ensuring the security and reliability of identity authentication and key negotiation between them; in addition, because the authentication data signature mechanism, the authentication data decryption mechanism and the like are completed jointly by the communication party and the cooperative party, once a local sub-private key is leaked, revocation can be completed simply by disabling the remote sub-private key, which avoids the risks of untimely updating and rapid growth of the certificate revocation list, so the method can be applied safely and conveniently on a large scale in fields such as e-government and e-commerce.
Drawings
Fig. 1 is a schematic diagram of an identity authentication public-private key pair and a certificate generation mechanism of the method for implementing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Fig. 2 is a schematic diagram of an identity authentication and key negotiation mechanism of the method for implementing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Fig. 3 is a schematic diagram of an authentication data signature mechanism of the method for implementing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Fig. 4 is a schematic diagram of an authentication data decryption mechanism of the method for implementing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Fig. 5 is a schematic overall flow chart of the method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm.
Detailed Description
In order to more clearly describe the technical contents of the present invention, a further description will be made below in connection with specific embodiments.
Before describing in detail embodiments that are in accordance with the present invention, it should be observed that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
The method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm comprises the following processing steps:
(1) In the cloud environment, the communication party and the cooperative party generate identity authentication public-private key pairs and certificates using collaborative technology based on the domestic commercial cryptographic algorithm;
(2) Two communication parties for information data interaction complete identity authentication and communication key negotiation processing between the two communication parties through a cooperative party;
(3) The communication party and the cooperative party use the respectively stored local signature certificate sub-private key of the communication party and the remote signature certificate sub-private key of the communication party to carry out data signature authentication processing on the random number R for authentication;
(4) The communication party and the cooperative party use the respectively stored local encryption certificate sub-private key of the communication party and the remote encryption certificate sub-private key of the communication party to perform data decryption authentication processing on authentication data ciphertext encrypted by the encryption certificate public key of the communication party.
Referring to fig. 1, as a preferred embodiment of the present invention, the step (1) specifically includes:
the communication party and the cooperative party generate a signature certificate, a signature public-private key pair, an encryption certificate and an encryption public-private key pair which are required by the communication party in the identity authentication and key negotiation process based on an SM2 algorithm; wherein,
the communication party is a basic service unit of the cloud environment and comprises a bare metal server, a virtual machine, a container or a terminal, and the cooperative party is a hardware security module shared by all communication parties in the cloud environment.
As a preferred embodiment of the present invention, the signature public-private key pair and the signature certificate are generated in the following manner:
the communication party generates a random number D1, D1 ∈ [1, n-1], and D1 is used as the local signature certificate sub-private key of the communication party; the cooperative party generates a random number D2, D2 ∈ [1, n-1], and D2 is used as a signature certificate sub-private key of the communication party; the communication party calculates P1 = D1^{-1} [*] G, where D1^{-1} is the inverse element D1^{-1} mod n of D1 on the finite field Fq, [*] represents the elliptic curve point multiplication operation, and G is the base point of order n on the elliptic curve E, and sends P1 to the cooperative party; the cooperative party calculates P = D2^{-1} [*] P1 [-] G, where D2^{-1} is the inverse element D2^{-1} mod n of D2 on the finite field Fq and [-] represents the elliptic curve point subtraction operation, and returns P to the communication party; the communication party takes P as the public key of its signature certificate and has its signature certificate issued through a certificate issuing system.
As a preferred embodiment of the present invention, the encryption public-private key pair and the encryption certificate are generated in the following manner:
when the certificate issuing system issues a signature certificate, an encryption public and private key pair and an encryption certificate of the corresponding communication party are generated, the encryption certificate private key is encrypted and protected by a transmission key, and the transmission key is encrypted and protected by a signature certificate public key;
According to GM/T 0003.4-2012, "SM2 elliptic curve public key cryptographic algorithm, Part 4: Public key encryption algorithm", the SM2 public key encryption process is as follows:
Let the message to be sent be the bit string M and klen be the bit length of M.
(1) Generate a random number k ∈ [1, n-1] using a random number generator;
(2) Calculate the elliptic curve point C1 = k [*] G = (x1, y1), and convert the data type of C1 into a bit string;
(3) Calculate the elliptic curve point S = h [*] Penc, where h is the cofactor and Penc is the SM2 public key; if S is the point at infinity, report an error and exit;
(4) Calculate the elliptic curve point k [*] Penc = (x2, y2), and convert the data types of the coordinates x2, y2 into bit strings;
(5) Calculate t = KDF(x2 || y2, klen), where KDF() is the key derivation function used by the SM2 algorithm and || denotes concatenation; if t is an all-0 bit string, return to (1);
(6) Calculation of
(7) Calculate C3 = Hash(x2 || M || y2), where Hash() is a cryptographic hash algorithm;
(8) Output the ciphertext C = C1 || C3 || C2.
The communication party extracts C1 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k and calculates T1 = D1^{-1} [*] C1, where [*] represents the elliptic curve point multiplication operation, and sends T1 to the cooperative party; the cooperative party calculates T2 = D2^{-1} [*] T1 and returns T2 to the communication party;
the communication party calculates the point (x2, y2) = T2 [-] C1 on the elliptic curve and t = KDF(x2 || y2, klen), where [-] represents the elliptic curve point subtraction operation, KDF() is the key derivation function used by the SM2 algorithm, and t is the key derivation result; if t is not equal to 0, the communication party extracts C2 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k, and calculates ; the communication party calculates u = Hash(x2 || K || y2), where [+] represents the elliptic curve point addition operation and Hash represents a cryptographic hash function;
the communication party extracts C3 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K and compares C3 with u; if C3 is equal to u, K is the plaintext transmission key, and the communication party calls the plaintext transmission key to decrypt the encryption certificate private key ciphertext, obtaining the encryption certificate private key plaintext sk; the communication party generates a random number d1, d1 ∈ [1, n-1], and d1 is used as the local encryption certificate sub-private key of the communication party; the communication party searches and calculates d2 such that d2^{-1} * d1^{-1} - 1 = sk, and transmits d2 to the cooperative party; the cooperative party saves d2 as the remote encryption certificate sub-private key of the communication party.
Referring to fig. 2, as a preferred embodiment of the present invention, the step (2) specifically includes:
after the communication party A and the communication party B generate signature certificates, signature public and private keys, encryption certificates and encryption public and private keys of the communication party A and the communication party B through the cooperative party C, mutual identity authentication and communication key negotiation processing of the communication party A and the communication party B are completed, and the processing mechanism specifically comprises mutual identity authentication of the communication party and communication key negotiation processing.
As a preferred embodiment of the present invention, the mutual identity authentication of the communicating parties specifically includes:
the communication party A sends the signature certificate A1 and the encryption certificate A2 to the communication party B, the communication party B returns the signature certificate B1 and the encryption certificate B2 to the communication party A, and the communication party A and the communication party B respectively generate random numbers RA and RB; the communication party A and the cooperator C complete the authentication data signature of RA to form Sig_priA(RA), and the communication party A calls the public key of the encryption certificate B2 to encrypt RA to form E_pubB(RA);
the communication party A sends E_pubB(RA) and Sig_priA(RA) to the communication party B; the communication party B and the cooperator C complete the authentication data decryption of E_pubB(RA), and the communication party B calls the public key of the signature certificate A to verify the signature Sig_priA(RA); if the verification fails, the identity authentication of both parties fails; the communication party B and the cooperator C complete the authentication data signature of RB to form Sig_priB(RB); the communication party B calls the public key of the encryption certificate A2 to encrypt RA and RB to form E_pubA(RA||RB); the communication party B returns E_pubA(RA||RB) and Sig_priB(RB) to the communication party A; the communication party A and the cooperator C complete the authentication data decryption of E_pubA(RA||RB);
the communication party A calls the public key of the signature certificate B1 to verify the signature Sig_priB(RB); if the verification fails, the identity authentication of both parties fails.
As a preferred embodiment of the present invention, the communication key negotiation process is performed in the following manner, specifically:
after the mutual identity authentication of the communication parties is completed, the communication party A and the communication party B each calculate the communication key SK. Network communication data subsequently transferred between the communication party A and the communication party B is encrypted and protected by the communication key SK, and a hash value of the plaintext communication data is added to the communication data to ensure the integrity of the communication data.
Referring to fig. 3, as a preferred embodiment of the present invention, the step (3) specifically includes:
the communication party calculates a message digest e = Hash(Z||R) over the random number R, where Z is the SM2 algorithm signature preprocessing data, generated from the elliptic curve parameters, the signer identification and the public key; the communication party generates a random number k1, k1 ∈ [1, n-1], calculates Q1 = k1[*]G, and sends the message digest e and Q1 to the cooperator; the cooperator generates a random number k2, k2 ∈ [1, n-1], and calculates Q2 = k2[*]G; the cooperator generates a random number k3, k3 ∈ [1, n-1], calculates the point (x1, y1) = k3[*]Q1[+]Q2 on the elliptic curve, and calculates r = x1 + e mod n; if r is not equal to 0, the cooperator calculates s2 = D2*k3 mod n and s3 = D2*(r+k2) mod n using the remote signature certificate sub-private key D2 of the communication party, and returns r, s2 and s3 to the communication party; the communication party calculates s = (D1*k1)*s2 + D1*s3 - r mod n using the local signature certificate sub-private key D1 of the communication party, and if s is not equal to 0 and s is not equal to n-r, (r, s) is taken as the authentication data signature result.
Referring to fig. 4, as a preferred embodiment of the present invention, the step (4) specifically includes:
the communication party extracts C1 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, calculates T1 = d1^-1[*]C1 using the local encryption certificate sub-private key d1 of the communication party, and sends T1 to the cooperator; the cooperator calculates T2 = d2^-1[*]T1 using the remote encryption certificate sub-private key d2 of the communication party, and returns T2 to the communication party;
the communication party calculates the point (x2, y2) = T2[-]C1 on the elliptic curve and calculates t = KDF(x2||y2, klen); the communication party extracts C2 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, calculates M, and calculates u = Hash(x2||M||y2); the communication party extracts C3 from the SM2 structure C1||C3||C2 of the authentication data ciphertext, compares C3 with u, and takes M as the authentication data ciphertext decryption result if C3 is equal to u.
In practical application, the method for realizing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm in the technical scheme specifically comprises an identity authentication public-private key pair and certificate generation mechanism, an identity authentication and key negotiation mechanism, an authentication data signature mechanism and an authentication data decryption mechanism.
The identity authentication public-private key pair and the certificate generation mechanism are processes of generating a signature certificate, a signature public-private key, an encryption certificate and an encryption public-private key required by the communication party in the process of identity authentication and key negotiation based on a domestic commercial cryptographic algorithm cooperative technology by the communication party and the cooperative party. The communication party refers to a basic service unit of the cloud environment, and can be in the forms of a bare metal server, a virtual machine, a container or a terminal, and the like, and the cooperative party is a hardware security module shared by all communication parties in the cloud environment. The mechanism is only needed to be successfully executed once before identity authentication and key negotiation, and repeated execution is not needed. The mechanism comprises a signature public and private key pair, signature certificate generation, an encryption public and private key pair and encryption certificate generation.
The domestic commercial cryptographic algorithm is the SM2 algorithm, the elliptic curve E is an elliptic curve defined on the finite field Fq, and G is a base point of order n on the elliptic curve E. D^-1 represents the inverse on Fq, mod represents the modulo operation, representing data bitwise exclusive or operation, [*] represents elliptic curve point multiplication, [-] represents elliptic curve point subtraction, and [+] represents elliptic curve point addition.
Generation of the signature public-private key pair and signature certificate means that the communication party generates a random number D1, D1 ∈ [1, n-1], and uses D1 as the local signature certificate sub-private key of the communication party; the cooperator generates a random number D2, D2 ∈ [1, n-1], and uses D2 as a signature certificate sub-private key of the communication party; the communication party calculates P1 = D1^-1[*]G, where D1^-1 is the inverse of D1 on Fq, D1^-1 mod n, and sends P1 to the cooperator; the cooperator calculates P = D2^-1[*]P1[-]G, where D2^-1 is the inverse of D2 on Fq, D2^-1 mod n, and returns P to the communication party; the communication party uses P as its signature certificate public key and issues the signature certificate through the certificate issuing system.
Generation of the encryption public-private key pair and encryption certificate means that the certificate issuing system also generates the encryption public-private key pair and encryption certificate of the communication party when issuing the signature certificate. The encryption certificate private key is encrypted and protected by a transmission key, and the transmission key is encrypted and protected by the signature certificate public key; the communication party extracts C1 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k, calculates T1 = D1^-1[*]C1, and sends T1 to the cooperator; the cooperator calculates T2 = D2^-1[*]T1 and returns T2 to the communication party; the communication party calculates the point (x2, y2) = T2[-]C1 on the elliptic curve and t = KDF(x2||y2, klen), where KDF() is the key derivation function used by the SM2 algorithm and t is the key derivation result; if t is not equal to 0, the communication party extracts C2 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k and calculates K; the communication party calculates u = Hash(x2||K||y2), where Hash represents a cryptographic hash function; the communication party extracts C3 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K and compares C3 with u, and if C3 is equal to u, K is the plaintext transmission key; the communication party calls the plaintext transmission key to decrypt the encryption certificate private key ciphertext, obtaining the encryption certificate private key plaintext sk; the communication party generates a random number d1, d1 ∈ [1, n-1], and uses d1 as the local encryption certificate sub-private key of the communication party; the communication party calculates d2 such that d2^-1 * d1^-1 - 1 = sk, and transmits d2 to the cooperator; the cooperator saves d2 as the remote encryption certificate sub-private key of the communication party.
The identity authentication and key negotiation mechanism refers to the process that after the communication party A and the communication party B generate signature certificates, signature public and private keys, encryption certificates and encryption public and private keys of the communication party A and the communication party B through the cooperative party C, mutual identity authentication and negotiation of the communication party A and the communication party B are completed. The mechanism includes mutual identity authentication of communicating parties and communication key negotiation.
The mutual identity authentication of the communication parties means that the communication party A sends a signature certificate A and an encryption certificate A to the communication party B, and the communication party B returns the signature certificate B and the encryption certificate B to the communication party A; the communication party A and the communication party B respectively generate random numbers RA and RB; the communication party A and the cooperator C complete the authentication data signature of RA to form Sig_priA(RA). The communication party A calls the public key of the encryption certificate B to encrypt RA to form E_pubB(RA); the communication party A sends E_pubB(RA) and Sig_priA(RA) to the communication party B; the communication party B cooperates with the cooperator C to complete the authentication data decryption of E_pubB(RA), and then calls the public key of the signature certificate A to verify the signature Sig_priA(RA); if the verification fails, the identity authentication of both parties fails; the communication party B cooperates with the cooperator C to complete the authentication data signature of RB to form Sig_priB(RB); the communication party B calls the public key of the encryption certificate A to encrypt RA and RB to form E_pubA(RA||RB); the communication party B returns E_pubA(RA||RB) and Sig_priB(RB) to the communication party A; the communication party A cooperates with the cooperator C to complete the authentication data decryption of E_pubA(RA||RB). The communication party A calls the public key of the signature certificate B to verify the signature Sig_priB(RB); if the verification fails, the identity authentication of both parties fails.
The communication key negotiation means that after the mutual identity authentication of the communication parties is completed, the communication party A and the communication party B each calculate the communication key SK. Network communication data subsequently transferred between the communication party A and the communication party B is encrypted and protected by the communication key SK, and a hash value of the plaintext communication data is added to the communication data, so that the integrity of the communication data is ensured.
The authentication data signing mechanism refers to the process in which the communication party and the cooperator use the local signature certificate sub-private key of the communication party and the remote signature certificate sub-private key of the communication party, which they respectively store, to complete a domestic commercial cryptographic algorithm digital signature on the random number R used for authentication. It comprises the following: the communication party calculates a message digest e = Hash(Z||R) over R, where Z is the SM2 algorithm signature preprocessing data, generated from the elliptic curve parameters, the signer identification and the public key; the communication party generates a random number k1, k1 ∈ [1, n-1], calculates Q1 = k1[*]G, and sends the message digest e and Q1 to the cooperator; the cooperator generates a random number k2, k2 ∈ [1, n-1], and calculates Q2 = k2[*]G; the cooperator generates a random number k3, k3 ∈ [1, n-1], calculates the point (x1, y1) = k3[*]Q1[+]Q2 on the elliptic curve, and calculates r = x1 + e mod n; if r is not equal to 0, the cooperator calculates s2 = D2*k3 mod n and s3 = D2*(r+k2) mod n using the remote signature certificate sub-private key D2 of the communication party, and returns r, s2 and s3 to the communication party; the communication party calculates s = (D1*k1)*s2 + D1*s3 - r mod n using the local signature certificate sub-private key D1 of the communication party, and if s is not equal to 0 and s is not equal to n-r, (r, s) is taken as the authentication data signature result.
The authentication data decryption mechanism is the process in which the communication party and the cooperator use the local encryption certificate sub-private key of the communication party and the remote encryption certificate sub-private key of the communication party, which they respectively store, to perform domestic commercial cryptographic algorithm decryption of the authentication data ciphertext encrypted with the encryption certificate public key of the communication party. It comprises the following: the communication party extracts C1 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, calculates T1 = d1^-1[*]C1 using the local encryption certificate sub-private key d1 of the communication party, and sends T1 to the cooperator; the cooperator calculates T2 = d2^-1[*]T1 using the remote encryption certificate sub-private key d2 of the communication party, and returns T2 to the communication party; the communication party calculates the point (x2, y2) = T2[-]C1 on the elliptic curve and calculates t = KDF(x2||y2, klen); the communication party extracts C2 from the SM2 ciphertext structure C1||C3||C2 of the authentication data ciphertext, calculates M = C2 ⊕ t, calculates u = Hash(x2||M||y2), extracts C3 from the SM2 structure C1||C3||C2 of the authentication data ciphertext, compares C3 with u, and takes M as the authentication data ciphertext decryption result if C3 is equal to u.
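The key generation, collaborative signature and collaborative decryption mechanisms described above can be checked end to end: a signature assembled from D1 and D2 must verify under P with ordinary SM2 verification, and T2[-]C1 must equal sk[*]C1. The following Python is an added example, not code from the patent; it assumes the SM2 recommended curve parameters, uses SHA-256 as a stand-in for SM3, uses hypothetical function names, and carries the decryption only as far as the shared point (x2, y2).

```python
import hashlib
import secrets

# SM2 recommended curve y^2 = x^3 + a*x + b over F_p; G has prime order N.
P_MOD = 2**256 - 2**224 - 2**96 + 2**64 - 1
A = P_MOD - 3
B = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)


def add(p1, p2):
    """Point addition [+]; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD


def neg(pt):
    """Negation, so that X [-] Y is add(X, neg(Y))."""
    return None if pt is None else (pt[0], -pt[1] % P_MOD)


def mul(k, pt):
    """Scalar multiplication [*] by double-and-add (not constant time)."""
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc


def rand_scalar():
    return secrets.randbelow(N - 1) + 1  # uniform in [1, n-1]


def digest(z, r_bytes):
    """e = Hash(Z||R); SHA-256 stands in for SM3 here (assumption)."""
    return int.from_bytes(hashlib.sha256(z + r_bytes).digest(), "big")


def keygen_signing():
    """P = D2^-1 [*] (D1^-1 [*] G) [-] G; no one holds (D1*D2)^-1 - 1."""
    D1 = rand_scalar()                          # communication party keeps D1
    P1 = mul(pow(D1, -1, N), G)                 # party -> cooperator: P1
    D2 = rand_scalar()                          # cooperator keeps D2
    P = add(mul(pow(D2, -1, N), P1), neg(G))    # cooperator -> party: P
    return D1, D2, P


def cosign(D1, D2, e):
    """Collaborative signature on digest e; returns (r, s)."""
    while True:
        k1 = rand_scalar()
        Q1 = mul(k1, G)                          # party -> cooperator: e, Q1
        k2, k3 = rand_scalar(), rand_scalar()
        pt = add(mul(k3, Q1), mul(k2, G))        # k3 [*] Q1 [+] Q2
        if pt is None:
            continue
        r = (pt[0] + e) % N
        if r == 0:
            continue
        s2, s3 = D2 * k3 % N, D2 * (r + k2) % N  # cooperator -> party: r, s2, s3
        s = (D1 * k1 * s2 + D1 * s3 - r) % N     # party finishes with D1
        if s not in (0, N - r):
            return r, s


def sm2_verify(P, e, sig):
    """Ordinary single-key SM2 verification; unaware of the key split."""
    r, s = sig
    t = (r + s) % N
    if not (0 < r < N and 0 < s < N) or t == 0:
        return False
    pt = add(mul(s, G), mul(t, P))
    return pt is not None and (pt[0] + e) % N == r


def split_encryption_key(sk):
    """Pick d1, then d2 with d2^-1 * d1^-1 - 1 = sk (mod n); needs sk != n-1."""
    d1 = rand_scalar()
    return d1, pow((sk + 1) * d1, -1, N)


def codecrypt_point(d1, d2, C1):
    """Recover (x2, y2) = T2 [-] C1, which equals sk [*] C1."""
    T1 = mul(pow(d1, -1, N), C1)   # party -> cooperator: T1
    T2 = mul(pow(d2, -1, N), T1)   # cooperator -> party: T2
    return add(T2, neg(C1))
```

A relying party that calls `sm2_verify` with P alone cannot tell that the key was split, which is why the scheme stays compatible with existing SM2 certificates. The scalar arithmetic here is not constant time and is for checking the algebra only.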
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and further implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It is to be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution device.
Those of ordinary skill in the art will appreciate that all or a portion of the steps carried out in the method of the above-described embodiments may be implemented by a program to instruct related hardware, and the program may be stored in a computer readable storage medium, where the program when executed includes one or a combination of the steps of the method embodiments.
The above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, or the like.
In the description of the present specification, reference to the terms "one embodiment," "some embodiments," "examples," "specific examples," or "embodiments," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the present invention have been shown and described above, it will be understood that the above embodiments are illustrative and not to be construed as limiting the invention, and that variations, modifications, alternatives and variations may be made to the above embodiments by one of ordinary skill in the art within the scope of the invention.
The method for realizing multiparty collaborative identity authentication and key negotiation processing in the cloud environment based on the domestic commercial cryptographic algorithm realizes the secure generation and storage of the keys of various communication subjects in the cloud environment, establishes the mutual identity authentication and the secure channel between the communication subjects, can solve the problem that the hardware security module is difficult to store the keys in the cloud environment, prevents the keys from being revealed or illegally used in the use process, and effectively improves the security and usability of the identity authentication in the cloud environment.
Meanwhile, the public and private key pair of identity authentication and the certificate generation mechanism are used for generating and storing the private key of the signature certificate and the private key of the encryption certificate in a distributed mode in different positions in a sub-private key mode, so that the private key is prevented from being called in an unauthorized mode when any end key is stolen, and the security of the key is improved; the identity authentication and key negotiation mechanism defines the mutual identity authentication and communication key negotiation flow among the communication main bodies, and ensures the safety and reliability of the identity authentication and key negotiation among the communication main bodies; in addition, as the authentication data signing mechanism, the authentication data decryption mechanism and the like in the process are completed by the cooperation of the communication party and the cooperative party, once the local sub-private key is revealed, the revocation can be completed by only disabling the remote sub-private key, the risks of untimely updating of the certificate revocation list and rapid expansion of the scale are avoided, and the method can be safely and conveniently applied to the fields of electronic government, electronic commerce and the like on a large scale.
In this specification, the invention has been described with reference to specific embodiments thereof. It will be apparent, however, that various modifications and changes may be made without departing from the spirit and scope of the invention. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Claims (9)

1. A method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm is characterized by comprising the following processing steps:
(1) Under the cloud environment, the communication party and the cooperator perform identity authentication public and private key pair and certificate generation processing based on the cooperation technology of the domestic commercial cryptographic algorithm;
(2) Two communication parties for information data interaction complete identity authentication and communication key negotiation processing between the two communication parties through a cooperative party;
(3) The communication party and the cooperative party use the respectively stored local signature certificate sub-private key of the communication party and the remote signature certificate sub-private key of the communication party to carry out data signature authentication processing on the random number R for authentication;
(4) The communication party and the cooperative party use the respectively stored local encryption certificate sub-private key of the communication party and the remote encryption certificate sub-private key of the communication party to perform data decryption authentication processing on authentication data ciphertext encrypted by the encryption certificate public key of the communication party.
2. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm as set forth in claim 1, wherein the step (1) specifically includes:
the communication party and the cooperative party generate a signature certificate, a signature public-private key pair, an encryption certificate and an encryption public-private key pair which are required by the communication party in the identity authentication and key negotiation process based on an SM2 algorithm; wherein,
the communication party is a basic service unit of the cloud environment and comprises a bare metal server, a virtual machine, a container or a terminal, and the cooperative party is a hardware security module shared by all communication parties in the cloud environment.
3. The method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm according to claim 2, wherein the signature public-private key pair and signature certificate are generated in the following manner:
the communication party generates a random number D1, D1 ∈ [1, n-1], and uses D1 as the local signature certificate sub-private key of the communication party; the cooperator generates a random number D2, D2 ∈ [1, n-1], and uses D2 as a signature certificate sub-private key of the communication party; the communication party calculates a first elliptic curve point P1 = D1^-1[*]G, wherein D1^-1 is the inverse of D1 on the finite field Fq, D1^-1 mod n, [*] represents elliptic curve point multiplication, and G is the base point of order n on the elliptic curve E, and sends P1 to the cooperator; the cooperator calculates a second elliptic curve point P = D2^-1[*]P1[-]G, wherein D2^-1 is the inverse of D2 on the finite field Fq, D2^-1 mod n, and [-] represents elliptic curve point subtraction, and returns P to the communication party; the communication party takes P as the public key of its signature certificate and issues its signature certificate through a certificate issuing system.
4. The method for realizing multiparty collaborative identity authentication and key negotiation processing in a cloud environment based on a domestic commercial cryptographic algorithm according to claim 2, wherein the encryption public and private key pair and the encryption certificate are generated in the following manner:
when the certificate issuing system issues a signature certificate, an encryption public and private key pair and an encryption certificate of the corresponding communication party are generated, the encryption certificate private key is encrypted and protected by a transmission key, and the transmission key is encrypted and protected by a signature certificate public key;
the communication party extracts C1 from the SM2 structure C1||C3||C2 of the transmission key ciphertext k and calculates a third elliptic curve point T1 = D1^-1[*]C1, wherein [*] represents elliptic curve point multiplication and C1, C2 and C3 are elliptic curve points, and sends T1 to the cooperator; the cooperator calculates a fourth elliptic curve point T2 = D2^-1[*]T1 and returns T2 to the communication party;
the communication party calculates the point (x2, y2) = T2[-]C1 on the elliptic curve and t = KDF(x2||y2, klen), wherein [-] represents elliptic curve point subtraction, KDF() is the key derivation function used by the SM2 algorithm, and t is the key derivation result; if t is not equal to 0, the communication party extracts C2 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K, calculates a plaintext K = C2 ⊕ t, and calculates a hash value u = Hash(x2||K||y2), wherein [+] represents elliptic curve point addition and Hash represents a cryptographic hash function;
the communication party extracts C3 from the SM2 structure C1||C3||C2 of the transmission key ciphertext K and compares C3 with u; if C3 is equal to u, K is the plaintext transmission key, and the communication party calls the plaintext transmission key to decrypt the encryption certificate private key ciphertext, obtaining the encryption certificate private key plaintext sk; the communication party generates a random number d1, d1 ∈ [1, n-1], and uses d1 as the local encryption certificate sub-private key of the communication party; the communication party calculates the remote encryption certificate sub-private key d2 of the communication party such that d2^-1 * d1^-1 - 1 = sk, and transmits d2 to the cooperator; the cooperator saves d2 as the remote encryption certificate sub-private key of the communication party.
5. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm according to claim 2, wherein the step (2) is specifically as follows:
after the communication party A and the communication party B generate signature certificates, signature public and private keys, encryption certificates and encryption public and private keys of the communication party A and the communication party B through the cooperative party C, mutual identity authentication and communication key negotiation processing of the communication party A and the communication party B are completed, and the processing mechanism specifically comprises mutual identity authentication of the communication party and communication key negotiation processing.
6. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm according to claim 5, wherein the mutual identity authentication of the communication parties is specifically as follows:
the communication party A sends the signature certificate A1 and the encryption certificate A2 to the communication party B, the communication party B returns the signature certificate B1 and the encryption certificate B2 to the communication party A, and the communication party A and the communication party B respectively generate random numbers RA and RB; the communication party A and the cooperator C complete the authentication data signature of RA to form a first signature value Sig_priA(RA), and the communication party A calls the public key of the encryption certificate B2 to encrypt RA to form a first ciphertext E_pubB(RA);
the communication party A sends E_pubB(RA) and Sig_priA(RA) to the communication party B; the communication party B and the cooperator C complete the authentication data decryption of E_pubB(RA), and the communication party B calls the public key of the signature certificate A to verify the signature Sig_priA(RA); if the verification fails, the identity authentication of both parties fails; the communication party B and the cooperator C complete the authentication data signature of RB to form a second signature value Sig_priB(RB); the communication party B calls the public key of the encryption certificate A2 to encrypt RA and RB to form a second ciphertext E_pubA(RA||RB); the communication party B returns E_pubA(RA||RB) and Sig_priB(RB) to the communication party A; the communication party A and the cooperator C complete the authentication data decryption of E_pubA(RA||RB);
the communication party A calls the public key of the signature certificate B1 to verify the signature Sig_priB(RB); if the verification fails, the identity authentication of both parties fails.
7. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm according to claim 6, wherein the communication key negotiation processing is implemented according to the following modes:
after mutual identity authentication of the communication parties is completed, the communication party A and the communication party B respectively calculate a communication key SK=RA_RB; network communication data subsequently transferred by the communication party A and the communication party B are encrypted and protected by the communication key SK, and a hash value of plaintext communication data is added to the communication data so as to ensure the integrity of the communication data.
8. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm according to claim 3, wherein the step (3) is specifically:
the communication party calculates a message digest e = Hash(Z||R) over the random number R, wherein Z is the SM2 algorithm signature preprocessing data, generated from the elliptic curve parameters, the signer identification and the public key; the communication party generates a random number k1, k1 ∈ [1, n-1], calculates a fifth elliptic curve point Q1 = k1[*]G, and sends the message digest e and Q1 to the cooperator; the cooperator generates a random number k2, k2 ∈ [1, n-1], and calculates a sixth elliptic curve point Q2 = k2[*]G; the cooperator generates a random number k3, k3 ∈ [1, n-1], calculates the point (x1, y1) = k3[*]Q1[+]Q2 on the elliptic curve, and calculates a first partial signature value r = x1 + e mod n, wherein n is the order of the base point G; if r is not equal to 0, the cooperator calculates a second partial signature intermediate value s2 = D2*k3 mod n and a third partial signature intermediate value s3 = D2*(r+k2) mod n using the remote signature certificate sub-private key D2 of the communication party, and returns r, s2 and s3 to the communication party; the communication party calculates a partial signature value s = (D1*k1)*s2 + D1*s3 - r mod n using the local signature certificate sub-private key D1 of the communication party, and if s is not equal to 0 and s is not equal to n-r, (r, s) is taken as the authentication data signature result.
9. The method for implementing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm according to claim 4, wherein the step (4) is specifically as follows:
the communication party extracts C1 from the SM2 ciphertext structure C1 || C3 || C2 of the authentication data ciphertext, calculates a third elliptic curve point T1 = d1^-1 [*] C1 using the local encryption certificate sub-private key d1 of the communication party, and transmits T1 to the cooperative party; the cooperative party calculates a fourth elliptic curve point T2 = d2^-1 [*] T1 using the remote encryption certificate sub-private key d2 of the communication party, and returns T2 to the communication party;
the communication party calculates a point (x2, y2) = T2 [-] C1 on the elliptic curve and calculates a session key t = KDF(x2 || y2, klen); the communication party extracts C2 from the SM2 ciphertext structure C1 || C3 || C2 of the authentication data ciphertext, calculates a bit string M = C2 ⊕ t, and calculates a hash value u = Hash(x2 || M || y2); it then extracts C3 from the SM2 ciphertext structure C1 || C3 || C2 of the authentication data ciphertext and compares C3 with u, and if C3 is equal to u, M is taken as the authentication data ciphertext decryption result.
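As a check on the formulas in claims 8 and 9, the following Python sketch (an added example, not code from the patent) runs the two-party signing flow on the SM2 recommended curve, verifies the result with ordinary single-key SM2 verification, and derives the shared decryption point T2 [-] C1. It assumes the sub-private keys satisfy (1 + d)^-1 = D1 * D2 mod n, a relation these two claims do not state; e is taken as an already computed digest integer, and all function names are illustrative.

```python
import secrets

# SM2 recommended curve y^2 = x^3 + A*x + B over F_P; base point G has order N.
P = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
A, B = P - 3, 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
N = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123
G = (0x32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7,
     0xBC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0)

def add(p1, p2):                          # point addition [+]; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:   # p2 is the inverse of p1
        return None
    num, den = (3 * x1 * x1 + A, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):                           # k[*]pt by double-and-add (not constant time)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def rand():
    return secrets.randbelow(N - 1) + 1   # uniform in [1, n-1]

def public_key(D1, D2):                   # ASSUMPTION: (1 + d)^-1 = D1*D2 mod n, key = d[*]G
    return mul((pow(D1 * D2, -1, N) - 1) % N, G)

def cosign(e, D1, D2):                    # claim 8 flow, both roles simulated; None = restart
    k1, k2, k3 = rand(), rand(), rand()   # k1: communication party; k2, k3: cooperative party
    r = (add(mul(k3, mul(k1, G)), mul(k2, G))[0] + e) % N  # x1 of k3[*]Q1 [+] Q2, plus e
    s2, s3 = D2 * k3 % N, D2 * (r + k2) % N   # returned with r by the cooperative party
    s = (D1 * k1 * s2 + D1 * s3 - r) % N      # finished locally by the communication party
    return None if r == 0 or s in (0, N - r) else (r, s)

def verify(e, sig, pub):                  # ordinary single-key SM2 verification
    r, s = sig
    t = (r + s) % N
    return 0 < r < N and 0 < s < N and t != 0 and (e + add(mul(s, G), mul(t, pub))[0]) % N == r

def codecrypt_point(C1, d1, d2):          # claim 9: (x2, y2) = T2 [-] C1
    T1 = mul(pow(d1, -1, N), C1)          # communication party sends T1
    return add(mul(pow(d2, -1, N), T1), (C1[0], -C1[1] % P))  # T2 from cooperative party, minus C1
```

In a deployment D1 and D2 sit on different machines and only e, Q1, r, s2, s3 (or T1, T2) cross the network; a single function holds both here only to make the algebra checkable.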
CN202311715363.9A 2023-12-13 2023-12-13 Method for realizing multiparty collaborative identity authentication and key negotiation processing in cloud environment based on domestic commercial cryptographic algorithm Pending CN117527229A (en)


Publications (1)

Publication Number Publication Date
CN117527229A (en) 2024-02-06

Family

ID=89762755



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination