KR20160128170A - Device, server and method for providing a secret key encryption and restore - Google Patents

Device, server and method for providing a secret key encryption and restore Download PDF

Info

Publication number
KR20160128170A
KR20160128170A KR1020150087580A KR20150087580A KR20160128170A KR 20160128170 A KR20160128170 A KR 20160128170A KR 1020150087580 A KR1020150087580 A KR 1020150087580A KR 20150087580 A KR20150087580 A KR 20150087580A KR 20160128170 A KR20160128170 A KR 20160128170A
Authority
KR
South Korea
Prior art keywords
key
secret key
user
management server
terminal
Prior art date
Application number
KR1020150087580A
Other languages
Korean (ko)
Inventor
이희조
박현도
Original Assignee
고려대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 고려대학교 산학협력단 filed Critical 고려대학교 산학협력단
Priority to US15/140,742 priority Critical patent/US10020939B2/en
Publication of KR20160128170A publication Critical patent/KR20160128170A/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The purpose of the present invention is to provide a terminal, a server and a method for encrypting a secret key of a user and for restoring a secret key and password of a user. A terminal for providing secret key encryption and restoration according to an embodiment of the present invention comprises: a communication module; a memory for storing a program for the secret key encryption and the restoration; and a processor for executing the program. The processor restores a secret key of a user, of which restoration is requested on the basis of restoration information received from each of a key management server and at least one trusted terminal when the restoration of the secret key is requested according to execution of the program. The secret key of the user is generated and encrypted by the processor according to a request of the user, and the restoration information is generated corresponding to the secret key, and then delivered to the key management server and the at least one trusted terminal through the communication module.

Description

TECHNICAL FIELD [0001] The present invention relates to a terminal, a server, and a method for providing secret key encryption and restoration.

The present invention relates to terminals, servers and methods for providing secret key encryption and recovery.

A common public-key cryptosystem uses an encryption protocol using a pair of a user's public key and secret key. At this time, the public key should be disclosed to anyone. However, the secret key corresponding to the public key must be known only to the owner of the secret key. In the public key based encryption system, the secret key generated by the user is encrypted with the user's password and stored securely in the user's terminal. Also, when the user uses the public key based encryption protocol, the encrypted secret key is decrypted using the user's password, and then encrypted and stored as a password again after use.

A common public key based encryption system stores a copy of the user secret key in the key management server in case the user's private key is damaged or lost. For example, when a secret key is generated, a user can access a key management server through a terminal to register a secret key or an encrypted secret key. When the secret key is damaged or lost, the user can access the key management server through the terminal and recover the secret key by receiving the registered secret key or the registered encrypted secret key.

In such a general public key based encryption system, when a key management server holds a secret key of a user, a plurality of user private keys managed by the key management server by an external attack such as hacking can be leaked in a large amount. If the user secret key of the key management server is leaked from the payment service and the financial service, the payment information, financial information and personal information of the user may be further leaked through the leaked user secret key.

In addition, when the secret key is encrypted with the user's password and stored in the key management server, the user must reset the password once the password is forgotten. The user's private key is encrypted with the user's existing password and stored in the key management server. When the user re-sets the password, the user must use the reset password so that the encrypted secret key stored in the key management server can not be decrypted. Therefore, when a user loses a password, a common public key based encryption system must discard the encrypted secret key stored in the key management server, and the user must again encrypt the secret key based on the reset password.

As a conventional technique related to a public key based encryption system, there is disclosed in US Patent No. 8995660 (entitled "Cryptographic system, encryption apparatus, key generation apparatus, decryption apparatus, content server, ") Provides a cryptographic communication technique that can be flexibly operated based on a function cryptosystem. Specifically, the present invention extracts attribute information and logical information from input information of a user based on a pair of attribute conversion rule information and logical expression conversion rule information, and uses the extracted information for encryption.

In addition, Korean Patent Laid-Open Publication No. 10-2013-0096575 (entitled "Public key-based group key distribution device and method") discloses a group key distribution method according to a group join request of a new user in a group key management server Lt; / RTI > Specifically, the method includes receiving a message requesting subscription of a specific group encrypted with a user public key and a user secret key from a new user terminal, authenticating the new user terminal by decoding the message, And transmitting the used group key.

It is an object of the present invention to provide a terminal, a server and a method for encrypting a secret key of a user and a secret key and a password of a user.

It should be understood, however, that the technical scope of the present invention is not limited to the above-described technical problems, and other technical problems may exist.

According to a first aspect of the present invention, there is provided a terminal for providing secret key encryption and restoration, which includes a communication module, a memory in which a secret key encryption and restoration program is stored, and a processor for executing the program When the restoration of the user's secret key is requested, the processor restores the secret key requested to be restored based on the restoration information received from the key management server and one or more trusted terminals according to the execution of the program. At this time, the secret key of the user is generated and encrypted by the processor at the request of the user, the reconstruction information is generated corresponding to the secret key, and then transmitted to the key management server and one or more trusted terminals through the communication module.

According to a second aspect of the present invention, there is provided a method for encrypting and recovering a secret key in a terminal, the method comprising: receiving restoration information from a key management server and one or more trusted terminals, respectively, ; And restoring the secret key requested to be restored based on the received restoration information. At this time, the secret key is generated by the terminal and then encrypted, and the reconstruction information is generated corresponding to the secret key, and then transmitted to the key management server and one or more trusted terminals.

The key management server according to the third aspect of the present invention includes a processor for executing a program and a memory storing a communication module, a storage, a secret key encryption and restoration program, and the like. At this time, the processor generates and discloses a public key according to the execution of the program, receives the local key and the reconstruction information encrypted with the public key from the terminal, stores the encrypted local key and the reconstruction information in the storage, And restoration information to the terminal.

According to any one of the above-mentioned tasks, the present invention does not store the user's secret key in a central server such as a key management server, and thus prevents leakage of the user's secret key due to an external attack such as hacking have. According to another aspect of the present invention, when a user loses a secret key, the secret key can be securely restored based on reconstruction information distributed to the trusted terminal.

In addition, the present invention can safely restore an existing secret key even if the user loses the password, so that the user does not need to newly issue a secret key. The present invention can reduce the risk of loss of the secret key when the password is lost. Therefore, the present invention is capable of conveniently resetting the password, and is safe from leakage of important information such as payment information, financial information, and personal information even if the user loses the password.

1 is a block diagram of a process of encrypting a user secret key of a terminal in a general public key encryption protocol.
2 is a block diagram illustrating a process of restoring a user secret key of a terminal in a public key encryption protocol.
3 is a block diagram of a secret key encryption and recovery terminal according to an embodiment of the present invention.
4 is a block diagram of a secret key encryption process of a terminal according to an embodiment of the present invention.
5 is a block diagram of a process of restoring a secret key of a terminal according to an embodiment of the present invention.
6 is a block diagram illustrating a process of regenerating a password of a terminal according to an embodiment of the present invention.
7 is a flowchart of a secret key generation method in a terminal according to an embodiment of the present invention.
8 is a flowchart of a secret key decryption method in a terminal according to an embodiment of the present invention.
9 is a flowchart of a method for recovering a secret key in a terminal according to an embodiment of the present invention.
10 is a flowchart illustrating a method of restoring a password of a terminal according to an embodiment of the present invention.
11 is a block diagram of a key management server that provides secret key encryption and recovery according to one embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, which will be readily apparent to those skilled in the art. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly explain the present invention in the drawings, parts not related to the description are omitted.

Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between . Also, when a part is referred to as "including " an element, it does not exclude other elements unless specifically stated otherwise.

Hereinafter, a general secret key encryption and decryption process in the terminal 110 will be described with reference to FIGS. 1 and 2. FIG.

1 is a block diagram of a secret key encryption process of the UE 110 in a public key encryption protocol.

In order to use a common public key encryption protocol, the user 100 may request the terminal 110 to generate a user secret key and a user public key (S100). Upon receiving the user secret key and the user public key generation request from the user 100, the terminal 110 generates a user public key and a user secret key.

The terminal 110 receives the password from the user 100 for encryption of the user secret key (S110). The terminal 110 encrypts the user secret key based on the password received from the user 100. At this time, the terminal 110 may store and store the encrypted secret key in the storage of the terminal 110. In addition, the terminal 110 may copy the encrypted user secret key for restoration of the user secret key, and transmit the encrypted user secret key to the key management server 120 (S120).

When the user 100 requests the decryption of the user secret key and delivers the password, the terminal 110 decrypts the encrypted user secret key stored in the terminal 110 using the password received from the user 100.

As described above, in the general public key encryption protocol, the key management server 120 can store the encrypted user secret key received from the user. If the user 100 compromises or loses the user's secret key, the terminal 110 can receive the encrypted user's secret key from the key management server 120 and restore the lost or corrupted user's secret key. The process of restoring an encrypted user secret key in general secret key encryption is described with reference to FIG.

2 is a block diagram illustrating a process of restoring a user secret key of the UE 110 in a common public key encryption protocol. .

If the user secret key is lost or corrupted, the terminal 110 can restore the lost or corrupted user secret key through the key management server 120. [ Specifically, the terminal 110 receives a password from the user 100 according to the user's private key restoration request of the user 100 (S200). The terminal 110 transmits the password received from the user 100 to the key management server 120 (S210).

The key management server 120 receiving the password can forward the user secret key corresponding to the password to the terminal 110 (S220). At this time, the key management server 120 may decrypt the encrypted user secret key and deliver it to the terminal 110, or may transmit the encrypted user secret key to the terminal 110 as it is. In this way, in the general public key encryption protocol, the terminal 110 can store a copy of the generated user secret key in the key management server 120 and use it for restoration.

The key management server 120 can encrypt and store a copy of the user secret key in the password of the user 100 in order to prevent a plurality of previously stored user secret key copies from being leaked by hacking or the like. Alternatively, the key management server 120 may encrypt and store a plurality of user secret keys through one master key. However, when the key management server 120 stores and manages a copy of the user secret key, there is a risk that the key management server 120 will be leaked by an external attack due to hacking or the like.

In addition, when the terminal 110 and the key management server 120 do not store the password, if the user 100 forgets the password stored in the user 100, the user 100 can not recover the forgotten password. Therefore, when the user 120 forgets the password, the terminal 110 can not decrypt and restore the encrypted user secret key. Therefore, when the user 100 forgets the password, the user 100 must newly generate a password and a user secret key.

3 to 7, a description will now be made of a terminal 300 that provides secret key encryption and recovery according to an embodiment of the present invention.

3 is a block diagram of a terminal 300 that provides secret key encryption and recovery according to one embodiment of the present invention.

The terminal 300 according to an exemplary embodiment of the present invention provides encryption and decryption of a user secret key. In addition, the terminal 300 provides a method for safely restoring a user's private key and password when the password is compromised or lost. The terminal 300 includes a memory 301, a communication module 302, an input module 303, a storage 304, and a processor 305.

The memory 301 stores a secret key encryption and decryption program. Here, the memory 301 is collectively referred to as a non-volatile storage device that keeps stored information even when power is not supplied.

Communication module 302 performs communication with key management server 320 and one or more trusted terminals 330. The communication module 302 may include a network module for providing wired or wireless network communication and an integrated driver electronics (IDE), a peripheral component interconnect bus (PCI), a parallel ATA (PATA), a serial ATA bus), and the like.

The input module 303 receives a user password or the like from the user 310. At this time, the input module 303 may be an input device such as a keyboard, a mouse, a joystick, and a touch pad. In addition, the input module 303 may be a touch screen panel such as a resistive type or a capacitive type, and may be integrated with a display module (not shown) included in the terminal 300.

The storage 304 may store an encrypted user secret key and an encrypted user local key. At this time, the storage 304 may be embedded in the terminal 300 as a storage device such as a solid state driver and a hard disk driver. The storage 304 may also be a storage device or storage server connected via the communication module 302.

The processor 305 generates a user secret key according to the execution of the program. The processor 305 may also generate a user public key corresponding to the user private key and a user local key for user private key encryption. The processor 305 can manage the generated user secret key and the generated user public key in pairs, and can disclose the generated user public key. The processor 305 may then encrypt the generated user secret key. The encryption process of the concrete user secret key will be described with reference to FIG.

4 is a block diagram of a secret key encryption process of the terminal 300 according to an embodiment of the present invention.

When a user secret key generation request (S400) is received from the user 310, the processor 305 may generate a user secret key, a user public key corresponding to the user secret key, and a user local key.

The processor 305 may generate a password and share the password with the user 310. At this time, the password may be input by the user 310 through the input module. In addition, the password may be generated by the processor 305 and then communicated to the user 310. At this time, the processor 305 does not store the password shared with the user 310 in the storage 304.

The processor 305 may encrypt the generated user secret key. At this time, the processor 305 may perform the encryption of the user secret key in two steps based on the user local key and the password. For example, the processor 305 may first encrypt the user secret key based on the user's local key. The processor 305 may second encrypt the first encrypted user secret key with a password. Once the user secret key is encrypted, the processor 305 may store the encrypted user secret key in the storage 304.

In addition, the processor 305 may generate the public key based encryption local key by encrypting the generated user local key with the key management server public key disclosed by the key management server 320. At this time, the public key based encryption local key can be used for restoring the password when the user 310 loses the password. Therefore, the processor 305 may forward the public key based encryption local key to the key management server 320 for restoring the password (S410). The key management server 320 may store the received public key based encryption local key in the storage of the key management server 320 for restoring the password.

Processor 305 may again encrypt the user local key with a password to generate a password-based encrypted local key. At this time, the password-based encryption local key may be used for decryption of the encrypted user secret key. The processor 305 may generate a password-based encrypted local key, and then store the generated password-based encrypted local key in the storage 304.

Processor 305 generates restoration information corresponding to the encrypted user secret key for restoration of the user secret key. At this time, the restoration information may include one or more restored coordinate information and one or more parameters generated based on the encrypted user secret key.

For example, the reconstruction information may be generated based on a Shamir secret sharing technique. The processor 305 may generate one or more restored coordinate information containing information of the encrypted user secret key according to the Shamir secret distribution scheme. The processor 305 may distribute the generated one or more restored coordinate information to the one or more trusted terminals 330 via the communication module 302. [ The processor 305 can restore the user secret key based on the restored coordinate information held by the trusted terminal 330 when the user 310 loses the user secret key or the user secret key is damaged.

At this time, the trusted terminal 330 can trust the terminal of the trusted user previously selected by the user 310 and the trust included in the trust terminal set selected by the key management server 320 and transmitted to the processor 305 through the communication module 302 The terminal 330 may be one or more. At this time, the trusted terminal aggregation may include one or more trusted terminals 330 pre-selected by the user 310 offline or online. In addition, the trusted terminal aggregation may include a trusted terminal 330 selected by the key management server 320, or may include a terminal selected by the trusted terminal 330 to a plurality of users.

The trusted terminal aggregation may include a key management server 320. [ That is, the processor 305 may select the key management server 320 as the trusted terminal 330 and deliver the restored coordinate information to the key management server 320. The trusted terminal set 300 may also include other terminals that the user 310 is using.

The process of generating the restoration information will be described in detail.

Figure pat00001
The restoration parameters p , n and k can be selected. In this case, p is a prime number used in the restored coordinate generation process, and may be larger than the number of the user secret key and the trust terminal 330. Also, n is the number of coordinates for reconstruction and k is the number of trusted terminals 330. At this time, k may be equal to or less than n .

The processor 305 may select a restoration parameter and then generate a secret key restoration polynomial as shown in Equation (1). And the user secret key

Figure pat00002
And select a i having the same value, and can be added to restore the i parameter.

Figure pat00003

The processor 305 can select the coordinates (x, f (x)) for n restoration based on the equation (1 ) and again select k restored coordinate information out of the n coordinates. The processor 305 may then replace f (x) with f ' (x) . At this time, f ' (x) can be derived as shown in Equation (2).

Figure pat00004

The processor 305 may generate k pieces of restored coordinate information as shown in Equation (3) by adding m, which is a share in the remaining calculation of Equation (2), to each coordinate. That is, the reconstruction information may include k reconstructed coordinate information and reconstruction parameters p , n , k, and i as shown in Equation (3).

Figure pat00005

The processor 305 may distribute and transmit restored coordinate information included in the generated restoration information to one or more trusted terminals 330 through the communication module 302. [ At this time, the number of the trust terminals 330 transmitting the restored coordinate information may be larger than the minimum number of restored coordinate information required for restoration. And processor 305 may communicate the same coordinate information to one or more trusted terminals 330 as needed.

Referring to FIG. 4, if the minimum number of restored coordinate information necessary for restoration is two, the processor 305 determines that the second trusted terminal 410 and the third trusted terminal 410, which are two trusted terminals, And may transmit the restored coordinate information to the terminal 420 (S420 and S430).

If there is a problem in the second trusted terminal 410 among the two trusted terminals 410 and 420 that have received the two restored coordinate information and the communication can not be performed or the second trusted terminal 410 When the restored coordinate information is lost, the processor 305 may store restored coordinate information stored by the second trusted terminal 410 in another trusted terminal. First, the processor 305 may select the first trusted terminal 400 among the trusted terminals that have not received the restored coordinate information in the trusted terminal sets 400 to 420. [ Then, the processor 410 may transmit the first restored coordinate information stored in the second trusted terminal 410 to the selected first trusted terminal 400 (S440). Therefore, the processor 305 can keep the necessary number of trusted terminals to retain the restored coordinate information for user private key recovery.

In addition, the processor 305 can transmit the restoration parameter to the key management server 320 via the communication module 302 (S450). The processor 305 may forward the restoration information and then delete the unencrypted user secret key and the user local key.

In this manner, the processor 305 can store the encrypted user secret key and the password-based encrypted local key in the storage 304 through the secret key encryption process, and can disclose the generated user public key. In addition, the key management server 320 may store a public key based encryption key and a restoration parameter corresponding to the user 310 in the storage of the key management server 320. The trusted terminal 330 may store restored coordinate information received from the terminal 300. [

If the user 310 requests decryption of the encrypted user secret key to use the public key encryption protocol, the processor 305 may decrypt the encrypted user secret key based on the password.

The processor 305 may decrypt the encrypted user local key stored in the storage 304 using the password entered using the input module 303 after the user 310 has requested the secret key decryption have. The processor 305 may then decrypt the encrypted user secret key stored in the storage 304 based on the decrypted user local key.

If the user 320 requests the restoration of the user secret key, the processor 305 deletes the user secret key based on the restoration information transmitted to the key management server 320 and the trust terminal 330, . The secret key restoration process will be described with reference to FIG.

5 is a block diagram of a secret key recovery process of the terminal 300 according to an embodiment of the present invention.

If the user 310 requests the user private key recovery (S500), the processor 305 may retrieve the recovery parameter and the public key based encryption local key corresponding to the user 310 from the key management server 320 ( S530). Then, the processor 305 may retrieve the first restored coordinate information and the second restored coordinate information transmitted to the first trusted terminal 400 and the third trusted terminal 420, respectively (S510 and S520).

The processor 305 restores the user secret key based on the recovered restored coordinate information and restoration parameter. First, the processor 305 can restore the secret key restoration polynomial as shown in Equation (1) by replacing the restored coordinate information with the coordinates before performing the remaining operations. For example, the processor 305 may recover the secret key recovery polynomial using a Lagrange basis polynomial and a Lagrange interpolation polynomial. Then, the processor 305 can restore the user secret key based on the restoration parameter and the recovered secret key restoration polynomial. After restoring the user secret key, the processor 305 may decrypt the encrypted user local key using the password and generate the encrypted user secret key again based on the decrypted user local key.

At this time, if the user local key is corrupted or lost together with the user secret key, the processor 305 can generate a new user local key and encrypt the new user local key using the key management server public key. Processor 305 may forward the encrypted new user local key to the key management server 320 based on the key management server public key to replace the public key based encryption local key corresponding to the pre-stored user. The processor 305 may then encrypt the new user local key with a password and store it in the storage 304. The processor 305 may also re-encrypt the restored user secret key based on the new user local key to generate an encrypted user secret key.

If the user has tampered with or lost the user's local key, the processor 503 may restore the user's local key in the same way as if the user's local key was compromised or lost, along with the user's secret key.

If a reset of the password is requested from the user 310, the processor 305 can regenerate the password based on the public key based encryption local key previously stored in the key management server 320. [ The process of regenerating the password will be described with reference to FIG.

6 is a block diagram for explaining a password regeneration process of the terminal 300 according to an embodiment of the present invention.

When the password restoration request of the user 310 is received (S600), the processor 305 may request the key management server 320 to authenticate the user 310. [ For example, the authentication of the user 310 may be performed by the user 310 via the SMS, e-mail, ARS, or the like, which has been previously set in the key management server 320, authentication through an OTP (one time password) Authentication through an authorized authentication center, and the like. The key management server 320 according to an embodiment of the present invention can perform authentication of the user 310 through a plurality of authentication methods.

If authentication of the user 310 is successful, the key management server 320 may decrypt the public key based encryption local key corresponding to the user 310 based on the key management server public key. The key management server 320 generates a disposable temporary key, and may transmit the generated temporary key to the user 310 (S610). At this time, the key management server 320 can transmit the temporary key to the user 310 through the SMS and E-mail set by the user 310.

In addition, the key management server 320 may encrypt the decrypted user local key based on the temporary key to generate a temporary key based encrypted local key. The key management server 32 may forward the generated temporary key based encryption local key to the processor 305 (S620).

The processor 305 may receive the temporary key based encryption local key transmitted from the key management server 320 via the communication module 302. [ When the user 310 inputs the temporary key through the input module 303, the temporary key based encryption local key received from the key management server 320 is decrypted based on the input temporary key, and the user local key is generated . The processor 305 may then decrypt the encrypted user secret key based on the user's local key.

Processor 305 may decrypt the encrypted user secret key and then generate a new user local key. In addition, the processor 305 may generate a new password. In addition, the processor 305 may generate a new user local key with a new password and store it in the storage 304.

The processor 305 may then re-encrypt the decrypted user private key with the new user local key. The processor 305 may encrypt the new user local key with the key management server public key to generate a new public key based encryption local key and forward it to the key management server 320. The key management server 320 may replace the received public key based encryption local key with the previously stored public key based encryption local key in response to the user 310 and store the same in the storage.

Next, a secret key encryption and decryption method in the terminal 300 according to an embodiment of the present invention will be described with reference to FIGS. 7 to 10. FIG.

7 is a flowchart of a secret key generation method in a terminal 300 according to an embodiment of the present invention.

Upon receiving the secret key generation request of the user 310 (S700), the terminal 300 generates a user secret key, a user local key, and a password (S710). The terminal 300 may generate and publish a user public key corresponding to the user private key. At this time, the password may be received from the user 310 or may be generated by the terminal 300 and then transmitted to the user 310.

The terminal 300 can encrypt the user secret key and the user local key (S720). Specifically, the terminal 300 can encrypt a user's local key based on a key management server public key disclosed by the key management server 320, thereby generating a public key based encrypted local key. Then, the terminal 300 may transmit the generated public key based encryption local key to the key management server 320 (S730). In addition, the terminal 300 may encrypt and store the user secret key based on the user's local key and password.

The terminal 300 may encrypt the user secret key and then generate restoration information for restoring the user secret key (S740). At this time, the reconstruction information may include restored coordinate information and reconstruction parameters described above with reference to FIG.

When the restoration information is generated, the terminal 300 may transmit restoration information to the key management server 320 and one or more trust terminals 330 (S750). At this time, the terminal 300 may transmit restoration parameters to the key management server 320 and may transmit restoration coordinate information to the one or more trusted terminals 330, respectively.

FIG. 8 is a flowchart of a secret key decryption method in the terminal 300 according to an embodiment of the present invention.

When the user secret key is encrypted and then the secret key decryption request and password of the user 310 are received (S800), the terminal 300 may decrypt the encrypted user local key based on the password (S810). Then, the terminal 300 can decrypt the encrypted user secret key using the decrypted user's local key (S820)

9 is a flowchart of a secret key recovery method in a terminal 300 according to an embodiment of the present invention.

Upon receiving the secret key restoration request of the user 310, the terminal 300 may receive restoration information from the key management server 320 and one or more trusted terminals 330 (S910). At this time, the terminal 300 may receive restoration parameters from the key management server 320 and receive restored coordinate information from the one or more trusted terminals 330.

The terminal 300 may restore the user secret key based on the restoration parameter received from the key management server 320 and the restored coordinate information received from the one or more trust terminals 330 (S920). At this time, if only the user's private key is damaged or lost, the terminal 300 receives the password from the user 310 (S940) and generates an encrypted user's secret key based on the received password and the pre-stored user's local key (S950).

If it is determined that the user's local key has been compromised or lost as well as the user's secret key has been lost (S930), the terminal 300 generates a new user's local key (S960) You can encrypt it. At this time, the terminal 300 can generate a new public key based encryption local key by encrypting the new user local key using the public key of the key management server 320 (S970). The terminal 300 may forward the public key based encryption local key to the key management server 320 and replace the public key based encryption local key corresponding to the previously stored user 310 with the new public key based encryption local key .

10 is a flowchart of a password recovery method of the terminal 300 according to an embodiment of the present invention.

When the user 310 requests resetting of the password (S1000), the terminal 300 transmits a password reset request to the key management server 320 and may request authentication of the user 310 (S1010). At this time, authentication of the user 310 may be performed as described above with reference to FIG.

In response to the authentication request of the terminal 300, the key management server 320 can perform the authentication of the user 310. [ If authentication is successful, the key management server 320 may decrypt the public key based encryption local key corresponding to the user 310 based on the key management server public key. And the key management server 320 may forward the temporary key to the user 310. [ In addition, the key management server 320 may encrypt the decrypted local key based on the temporary key to generate and transmit the temporary key based encryption local key to the terminal 300.

The terminal 300 may receive the temporary key-based encrypted local key from the key management server 320 (S1020). The terminal 300 may decrypt the user local key based on the received temporary key based encryption local key and the temporary key entered by the user 310. Then, the terminal 300 may decrypt the encrypted user secret key based on the decrypted user local key (S 1030). Then, the terminal 300 can reset the encrypted user secret key and the password based on the decrypted user local key and the decrypted user secret key.

11, a key management server for providing secret key encryption and restoration according to an embodiment of the present invention will be described.

11 is a block diagram of a key management server that provides secret key encryption and recovery according to one embodiment of the present invention.

The key management server 320, which provides secret key encryption and recovery according to an embodiment of the present invention, provides the secret key encryption and restoration of the user at the terminal. At this time, the key management server 320 includes a communication module 1100, a storage 1110, a memory 1120, and a processor 1130.

The communication module 1100 communicates with the user 310 and the terminal 300. The communication module 1100 may include a network module for providing wired or wireless network communication and an integrated driver electronics (IDE), a peripheral component interconnect bus (PCI), a parallel ATA (PATA), a serial ATA bus), and the like.

The storage 1110 may store a public key based encrypted user secret key and reconstruction information and the like. At this time, the storage 1110 may be embedded in the terminal 300 as a storage device such as a solid state driver and a hard disk driver. In addition, the storage 1110 may be a storage device or a storage server connected through the communication module 1100.

The memory 1120 stores a secret key encryption and decryption program. Here, the memory 1120 is collectively referred to as a non-volatile storage device that keeps stored information even when power is not supplied.

The processor 1130 generates a key management server public key corresponding to the key management server secret key and the key management server secret key according to the execution of the program. The processor 1130 may then publish the generated key management server public key.

Processor 1130 also receives local key and recovery information from terminal 300 and stores it in storage 1110. Specifically, the terminal 300 may generate a public key based encryption local key by encrypting the user local key generated by the terminal 300 based on the key management server public key, and then transmit the encryption key to the processor 130. The processor 1130 may store the public key based encrypted local key received from the terminal 300 through the communication module 1100 in the storage 1110. [

In addition, the terminal 300 may generate reconstruction information for restoring the user's private key, and may transmit the reconstruction information to the processor 1130. The processor 1130 may receive restoration information for restoring the user's private key from the terminal 300 and store the restoration information in the storage 1110. [ At this time, the reconstruction information may be a reconstruction parameter generated by the terminal 300. The terminal 300 can generate restored coordinate information and restoration parameters based on the user secret key. The terminal 300 may transmit the generated restored coordinate information to the one or more trusted terminals 330 and may transmit the restored parameters to the processor 1130. The processor 1130 may store the received restoration parameters in the storage 1110.

When the terminal 300 selects the key management server 320 as the trusted terminal, the processor 1130 receives the restored coordinate information transmitted by the terminal 300 together with the restoration parameter through the communication module 1100 . The processor 1130 may store the received restored coordinate information in the storage 1110. [

Meanwhile, the terminal 300 may request the local key and the restoration information to the processor 1130 in order to restore the user secret key when the user 310 compromises or loses the user secret key. The processor 1130 transmits the local key and the restoration information to the terminal 300 through the communication module 1100 at the request of the terminal 300. [ At this time, the reconstruction information to be transmitted may be a restoration parameter. Also, when the key management server 320 is the trusted terminal 330, the restored information to be transmitted may include restored coordinate information.

In addition, if the user 310 loses a password, the terminal 300 can transmit a user authentication request 310 for requesting a password to the processor 1130. The processor 1130 may perform authentication of the user 310 at the request of the terminal 300. At this time, the authentication of the user is performed by the user 310 via the SMS, e-mail, ARS, etc., which is set in the key management server 320, authentication through the OTP token, and authentication through an authorized authentication center . The processor 1130 according to an embodiment of the present invention can perform authentication of the user 310 through a plurality of authentication methods.

If authentication of user 310 is successful, processor 1130 may generate a disposable temporary key. The processor 1130 may transmit the temporary key to the user 310 and share the temporary key with the user 310 via the SMS and E-mail set by the user 310. [

In addition, processor 1130 may generate a temporary key based encryption local key based on a public key based temporary key stored in storage 1110. [ Specifically, the processor 1130 may decrypt the public key based encryption local key, and then encrypt it using the temporary key to generate the temporary key based encryption local key. The processor 1130 may then transmit the temporary key based encryption local key to the terminal 300 via the communication module 1100. [

The processor 1130 may then store the new public key based encryption local key generated by the terminal 300 in the storage 1110 when received via the communication module.

The terminal 300, the server 320 and the method providing the secret key encryption and restoration of the user 310 do not store the secret key of the user 310 in the central server such as the key management server 320, It is possible to prevent the secret key of the user 310 from being leaked even if the server 320 is hacked. In addition, the terminal 300, the server 320, and the method that provide the secret key encryption and restoration of the user 310 may be configured such that when the user 310 loses the secret key, It is possible to safely restore the secret key based on the secret key.

The terminal 300, the server 320 and the method that provide the secret key encryption and restoration of the user 310 can safely restore the existing secret key even if the user 310 loses the password, ) Need not be issued a new secret key. In addition, the terminal 300, the terminal 300, the server 320, and the method that provide the secret key encryption and restoration of the user can reduce the risk of loss of the secret key when the password is lost. Therefore, the terminal 300, server 320 and method providing secret key encryption and recovery of the user 310 may conveniently be capable of password resetting, It can be safe from leakage of important information such as information.

One embodiment of the present invention may also be embodied in the form of a recording medium including instructions executable by a computer, such as program modules, being executed by a computer. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium can include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.

While the methods and systems of the present invention have been described in connection with specific embodiments, some or all of those elements or operations may be implemented using a computer system having a general purpose hardware architecture.

It will be understood by those skilled in the art that the foregoing description of the present invention has been presented for illustrative purposes and that those skilled in the art will readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

The scope of the present invention is defined by the appended claims rather than the detailed description and all changes or modifications derived from the meaning and scope of the claims and their equivalents are to be construed as being included within the scope of the present invention do.

300: secret key encryption and restoration terminal
301: Memory
302: Communication module
303: input module
304: Storage
305: Processor
310: User
320: Key management server
330: trusted terminal

Claims (17)

In a terminal that provides secret key encryption and recovery,
Communication module,
Secret key encryption and restoration program stored memory and
And a processor for executing the program,
Wherein when the restoration of the secret key of the user is requested, the processor restores the secret key requested to be restored based on the restoration information received from the key management server and one or more trusted terminals,
Wherein the secret key of the user is generated and encrypted by the processor at the request of the user,
Wherein the restoration information is generated corresponding to the secret key, and then transmitted to the key management server and the one or more trusted terminals via the communication module. The method according to claim 1,
Wherein the reconstruction information includes one or more restored coordinate information and parameters generated based on the secret key,
Wherein the processor transmits the restored coordinate information to the trusted terminal and transmits the parameter to the key management server. 3. The method of claim 2,
Wherein the processor transmits the restored coordinate information to the trusted terminals in a number greater than or equal to the number of the one or more restored coordinates. The method according to claim 1,
The processor, when generating the secret key, defines a password,
And decrypting the encrypted secret key based on the defined password when the restoration is requested. 5. The method of claim 4,
Wherein the processor generates the encrypted secret key based on the password after the secret key is restored. 5. The method of claim 4,
The processor generates a local key after the secret key is restored,
And generates the encrypted secret key based on the password and the generated local key. 5. The method of claim 4,
Wherein the processor generates and transmits a local key to the key management server when generating the secret key,
If the reset of the password is requested, transmitting the reset request to the key management server, receiving the local key from the key management server, decrypting the encrypted secret key based on the received local key, And reconstructs the encrypted secret key and the password based on the decrypted secret key. 8. The method of claim 7,
Further comprising an input module,
Wherein the processor performs decryption of the encrypted secret key based on the local key and a temporary key input from the user through the input module,
Wherein the secret key is generated by the key management server and then received by the user from the key management server. A method for encrypting and restoring a secret key in a terminal,
Receiving restoration information from the key management server and one or more trusted terminals, respectively, in response to a restore request for the user's private key; And
And restoring the secret key requested to be restored based on the received restoration information,
The secret key is encrypted after being generated by the terminal,
Wherein the restoration information is generated corresponding to the secret key, and then transmitted to the key management server and one or more trust terminals. 10. The method of claim 9,
Wherein the reconstruction information includes one or more restored coordinate information and parameters generated based on the secret key,
The step of delivering to the key management server and the one or more trusted terminals
Transmitting the restored coordinate information to the one or more trusted terminals; And
And transmitting the parameter to the key management server. 10. The method of claim 9,
Defining a password when generating the secret key;
Encrypting the secret key based on the password; And
And decrypting the encrypted secret key based on the password. 12. The method of claim 11,
And generating the encrypted secret key based on the recovered secret key and the password after the secret key is recovered. 12. The method of claim 11,
Generating a local key after the secret key is restored; And
And generating the encrypted secret key based on the password and the generated local key. 12. The method of claim 11,
Transmitting the reset request to the key management server when the password is requested to be reset;
Receiving a local key from the key management server;
Decrypting the encrypted secret key based on the received local key; And
And regenerating the encrypted secret key and the password based on the decrypted secret key,
Wherein the local key is generated by the terminal when generating the secret key, and then transmitted to the key management server. A computer-readable recording medium recording a program for performing the method according to any one of claims 9 to 14 on a computer. A key management server for providing secret key encryption and restoration,
Communication module,
storage,
Secret key encryption and restoration program stored memory and
And a processor for executing the program,
Wherein the processor receives the local key and the restoration information from the terminal according to the execution of the program, stores the local key and the restoration information in the storage,
Wherein the key management server transmits at least one of the local key and the restoration information stored in the storage to the terminal according to a request from the terminal. 17. The method of claim 16,
Wherein the processor performs authentication for a user corresponding to the terminal according to a request of the terminal,
And transmits the encrypted local key to the terminal when the authentication is successful.
KR1020150087580A 2015-04-28 2015-06-19 Device, server and method for providing a secret key encryption and restore KR20160128170A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/140,742 US10020939B2 (en) 2015-04-28 2016-04-28 Device, server and method for providing secret key encryption and restoration

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020150059763 2015-04-28
KR20150059763 2015-04-28

Publications (1)

Publication Number Publication Date
KR20160128170A true KR20160128170A (en) 2016-11-07

Family

ID=57529975

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150087580A KR20160128170A (en) 2015-04-28 2015-06-19 Device, server and method for providing a secret key encryption and restore

Country Status (1)

Country Link
KR (1) KR20160128170A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180131056A (en) * 2017-05-31 2018-12-10 삼성에스디에스 주식회사 System for managing encryption keys for cloud services
KR20200020736A (en) * 2017-06-20 2020-02-26 엔체인 홀딩스 리미티드 System and method for multi-round token distribution using blockchain network

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20180131056A (en) * 2017-05-31 2018-12-10 삼성에스디에스 주식회사 System for managing encryption keys for cloud services
US10893032B2 (en) 2017-05-31 2021-01-12 Samsung Sds Co., Ltd. Encryption key management system for cloud services
KR20200020736A (en) * 2017-06-20 2020-02-26 엔체인 홀딩스 리미티드 System and method for multi-round token distribution using blockchain network

Similar Documents

Publication Publication Date Title
US10020939B2 (en) Device, server and method for providing secret key encryption and restoration
CN113656806B (en) Trusted starting method and device of block chain all-in-one machine
US9813414B2 (en) Password-based management of encrypted files
JP7454564B2 (en) Methods, user devices, management devices, storage media and computer program products for key management
US20200034550A1 (en) System and method to protect data privacy of lightweight devices using blockchain and multi-party computation
JP4902207B2 (en) System and method for managing multiple keys for file encryption and decryption
EP2876857B1 (en) Secure access for encrypted data
JP2022133423A (en) Encrypted asset encryption key parts allowing for assembly of asset encryption key using subset of the encrypted asset encryption key parts
US20200259637A1 (en) Management and distribution of keys in distributed environments
US20070039046A1 (en) Proof of execution using random function
CN112118245B (en) Key management method, system and equipment
CN110557248B (en) Secret key updating method and system based on signcryption of certificateless cryptography
US10116442B2 (en) Data storage apparatus, data updating system, data processing method, and computer readable medium
US20150143107A1 (en) Data security tools for shared data
WO2018165835A1 (en) Cloud ciphertext access control method and system
CN111191217A (en) Password management method and related device
JP2023008395A (en) Secure, robust federated learning system by multi-party type homomorphic encryption and federated learning method
KR20160128170A (en) Device, server and method for providing a secret key encryption and restore
US20220407690A1 (en) Key ladder generating a device public key
KR20200080011A (en) System and method for distributing and storing data
CN113282945B (en) Intelligent lock authority management method and device, electronic equipment and storage medium
CN114329390A (en) Financial institution database access password protection method and system
KR101595056B1 (en) System and method for data sharing of intercloud enviroment
KR101936955B1 (en) The method of backing up and restoring secret information utilizing asymmetric application of Diffie-Hellman and elliptic curve Diffie-Hellman algorithm
JP7159747B2 (en) Electronic file creation device, electronic data processing device, electronic data management system, electronic data management method, and program

Legal Events

Date Code Title Description
A201 Request for examination
E601 Decision to refuse application