WO2020135853A1 - Key security management system and method, medium, and computer program - Google Patents

Key security management system and method, medium, and computer program

Info

Publication number
WO2020135853A1
Authority
WO
WIPO (PCT)
Prior art keywords
operation request
key
user
key pair
identity
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2019/129769
Inventor
顾建良
马帮亚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Weilian Information Technology Co Ltd
Original Assignee
Shanghai Weilian Information Technology Co Ltd
Application filed by Shanghai Weilian Information Technology Co Ltd
Priority to US17/309,831 (patent US12058252B2)
Priority to EP19906368.6A (patent EP3879747A4)
Priority to SG11202106514TA (patent SG11202106514TA)
Priority to JP2021537206A (patent JP7426031B2)
Publication of WO2020135853A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0877: Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/088: Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/3263: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/50: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101: Access control lists [ACL]
    • H04L63/108: Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time

Definitions

  • This application relates to the field of key management, in particular to a key security management system and method, a non-volatile storage medium, and a computer program.
  • The transaction process involves the use of keys to encrypt, decrypt, and sign data. Therefore, the security of key management determines the security of the transaction process. Key management usually includes the generation, use, and destruction of keys.
  • Encryption algorithms can be divided into two categories: symmetric encryption algorithms and asymmetric encryption algorithms.
  • In a symmetric encryption system, data encryption and decryption use the same key.
  • In an asymmetric encryption system, two different keys are used for data encryption and decryption. These two keys depend on each other to form a key pair and are called the public key and the private key, respectively.
  • The public key can be made public and can be sent through a secure or non-secure channel, while the private key is the non-public part, and no one knows it except the holder.
  • Suppose user A has a key pair that includes the user's public key Pk and private key Sk. User A sends his public key Pk to another user B.
  • If user B wants to transmit data to user A, he can use user A's public key Pk to encrypt the data and transmit it to user A.
  • After receiving the encrypted data, user A uses his private key Sk to decrypt it and recover the data (plaintext) that user B wanted to transmit to him.
  • If user A wants to transmit data to user B, he can use his own private key Sk to sign the data and transmit the signed data to user B.
  • After user B receives the signed data, if it can be decrypted using user A's public key Pk, user B can verify that the data was sent by user A. Using the private key to sign data therefore enables the receiver to verify the identity of the sender. Because of this property of the private key, the security requirements for private key management are very high.
  • The present disclosure provides a key security management solution for digital asset management of enterprise users.
  • In this solution, the user's private key never leaves the hardware security device, which ensures a high degree of security for user private keys.
  • In one aspect, the key security management system includes: a security host configured to receive a first operation request, verify the first operation request, and generate a second operation request based on the first operation request when the verification passes, both the first operation request and the second operation request including an identity; and a hardware security device configured to receive the second operation request from the security host, verify the second operation request, parse the type of the second operation request when the verification passes, and perform, based on the type of the second operation request, an operation related to a key pair associated with the identity, the key pair including a public key and a private key specific to the identity.
  • In another aspect, the method includes: receiving, by a security host, a first operation request; verifying, by the security host, the first operation request and generating a second operation request based on the first operation request when the verification passes, both the first operation request and the second operation request including an identity; receiving, by a hardware security device, the second operation request from the security host, verifying the second operation request, and parsing the type of the second operation request when the verification passes; and performing, by the hardware security device and based on the type of the second operation request, an operation related to a key pair associated with the identity, the key pair including a public key and a private key specific to the identity.
  • Yet another aspect of the present disclosure provides a non-volatile computer-readable storage medium on which machine-executable instructions are stored; when executed by a computer, the machine-executable instructions perform the key security management method described in the above aspects.
  • Yet another aspect of the present disclosure provides a computer program that includes machine-executable instructions that, when executed, perform the key security management method described in the above aspect.
  • FIG. 1 shows a schematic diagram of a key security management system according to the present disclosure;
  • FIG. 2 shows a flowchart of a key security management method according to the present disclosure;
  • FIG. 3 shows a flowchart of an operation example of the hardware security device in the key security management system shown in FIG. 1;
  • FIG. 4 shows a flowchart of another operation example of the hardware security device in the key security management system shown in FIG. 1;
  • FIG. 5 shows a flowchart of still another operation example of the hardware security device in the key security management system shown in FIG. 1.
  • FIG. 1 shows a schematic diagram of a key security management system 10 according to the present disclosure.
  • The key security management system 10 includes a security host 11 and a hardware security device 12.
  • The secure host 11 can be any type of computer.
  • The hardware security device 12 may be a hardware security module (HSM) or another hardware security device certified to a predetermined security certification standard, such as the Common Criteria for Information Technology Security Evaluation (Common Criteria), the United States Federal Information Processing Standard (FIPS) 140-2, or another international certification. It includes a memory (not shown in the figure) and a processor (not shown in the figure).
  • The hardware security device 12 can generate a key pair, including a public key and a private key, dedicated to digital asset management according to various asymmetric cryptographic algorithms. These asymmetric cryptographic algorithms are well known in the art and will not be described again here.
  • The secure host 11 is configured to receive the first operation request, verify the first operation request, and generate a second operation request based on the first operation request when the verification passes, where both the first operation request and the second operation request include an identity.
  • The identity may be the identity of the user and/or the identity of the organization associated with the user.
  • "User" and "organization" in this disclosure refer to different subjects with an affiliation relationship: a "user" belongs to the "organization" associated with it.
  • For example, an "organization" can be an enterprise, and a "user" can be an employee, sub-organization, department, or other user or customer of the enterprise. Each subject has a unique identity.
  • The hardware security device 12 is configured to receive the second operation request from the security host 11, verify the second operation request, parse the type of the second operation request when the verification passes, and perform, based on the type of the second operation request, an operation related to the key pair associated with the identity, where the key pair includes a public key and a private key specific to the identity.
  • The hardware security device 12 can derive the organization's key pair and the user's key pair based on the hierarchical deterministic wallet rules (referred to simply as hierarchical deterministic rules) jointly defined in Bitcoin Improvement Proposals BIP32, BIP39, and BIP44.
  • BIP32 specifies a method for generating a series of key pairs in a hierarchical tree structure from a random seed, BIP39 specifies a method for deriving a random seed from a mnemonic sentence, and BIP44 further gives each layer in the hierarchical tree structure a special meaning.
  • For details of BIP32, BIP39, and BIP44, please refer to the corresponding Bitcoin Improvement Proposals.
  • Under these rules, a mnemonic sentence is first converted into a random seed by the function PBKDF2, and the random seed is then hashed to generate a master root key pair corresponding to the root node. The key pairs of the child nodes of the root node are derived from the master root key pair, the key pairs of each child node's own child nodes are derived from that child node's key pair, and the process can continue indefinitely.
  • The root node can derive several child nodes, and each child node can derive several child nodes, so that an infinite number of key pairs at different levels can be derived from a single random seed.
  • Each child node in the tree structure has a different path from the root node, and paths correspond to child nodes one to one. Therefore, the key pair of the child node corresponding to a path can be determined from the key pair of the root node and the path of the child node. If the root node corresponds to an organization (such as a company) and the child node corresponds to a user of the organization (such as a department or a member of the company), the master root key pair corresponding to the root node can be used as the organization's master root key pair, and the key pair corresponding to the child node can be used as the user's key pair.
  • The key security system 10 also includes an application server 13.
  • The application server 13 may be located in the same network as the secure host 11, or may be located in a different network and connected to the secure host 11 via, for example, a network bridge.
  • The application server 13 is configured to receive an access request from an external node, such as the client 20 or the blockchain node 30, generate at least one first operation request according to the access request, and send the first operation request to the secure host 11.
  • The application server 13 may also receive the result of the operation from the security host 11 and return it to an external node.
  • The security host 11 and the hardware security device 12 are located in the same security network domain, so that the application server 13 or other external components can only access the hardware security device 12 through the security host 11 (that is, the security host 11 serves as a gateway to the hardware security device 12). For example, this can be achieved by setting up a firewall at the secure host 11 and a secure link between the secure host 11 and the hardware security device 12.
  • FIG. 2 shows a schematic diagram of a key security management method 100 according to the present disclosure. Each step of the method 100 may be performed by the corresponding subject shown in FIG. 1 respectively. The method 100 will be described in detail below with reference to FIGS. 1 and 2 respectively.
  • The secure host 11 is configured to receive the first operation request (step 110).
  • The first operation request is signed by the sender of the request (for example, the application server 13 shown in FIG. 1) and includes at least one identity, depending on the requested service type.
  • The first operation request may be, for example, one of various operation requests for digital assets, such as a transfer request, or one of various operation requests that are not related to digital assets, such as deploying a smart contract or invoking a smart contract.
  • Where a digital asset is broadly understood to include digital possessions other than cryptocurrencies (such as digital documents or digital artwork), the first operation request may also be a request to transfer or certify such digital possessions.
  • The secure host 11 is configured to verify the first operation request (step 120).
  • The verification of step 120 may include verifying the validity of the certificate of the sender of the first operation request (such as the application server 13) and the validity of the signature.
  • The secure host 11 parses the first operation request to obtain the application server certificate and the application server signature contained therein.
  • The application server certificate contains the identity of the application server 13, the list of allowed service types of the application server 13, and the validity period of the application server certificate.
  • The secure host 11 uses the public key of the application server 13 to decrypt the application server signature to obtain the service type requested by the first operation request.
  • The secure host 11 compares the service type requested by the first operation request with the list of allowed service types contained in the application server certificate to determine whether the requested service type is allowed.
  • The secure host 11 may also be configured to verify whether the application server certificate is within its validity period. In addition, in some implementations, the secure host 11 may also be configured to obtain the status of the application server certificate from the blockchain to verify whether its status is valid. If all of the above determinations are yes, it is determined in step 121 that the first operation request has passed verification.
  • If the first operation request is verified (YES in step 121), the secure host 11 generates a second operation request based on the first operation request (step 122) and sends it to the hardware security device 12 (step 123).
  • The second operation request includes at least a type field and a data field.
  • The type field can be encoded using a predefined binary sequence, with different binary sequences representing different types. By decoding the type field, the type of the second operation request can be determined.
  • The data field may include one identity, such as an organization's identity, or may include two identities, such as an organization's identity and the identity of a user associated with the organization.
  • The second operation request is signed by the secure host 11 with its private key.
  • The hardware security device 12 is configured to verify the second operation request after receiving it (step 130).
  • The verification of step 130 may include verifying the validity of the certificate of the secure host 11 and the validity of the signature.
  • The hardware security device 12 is configured to parse the second operation request to obtain the secure host certificate and the secure host signature contained therein.
  • The secure host certificate includes the identity of the secure host 11, a list of allowed service types of the secure host 11, and the validity period of the secure host certificate.
  • The hardware security device 12 decrypts the secure host signature using the public key of the secure host 11 to determine whether the second operation request is signed by the secure host 11. Further, the hardware security device 12 may also be configured to verify whether the secure host certificate is within its validity period. If all of the above determinations are yes, it is determined in step 131 that the second operation request has passed verification.
  • The hardware security device 12 is further configured to parse the type of the second operation request (step 132) after the second operation request has passed verification (YES in step 131), and to perform, based on the type of the second operation request, operations related to a key pair associated with the identity (step 133).
  • “Operation related to a key pair associated with the identity” may refer to any operation performed by the hardware security device 12 related to the key pair associated with the identity included in the request.
  • The hardware security device 12 sends a second operation request result to the security host 11 to indicate the failure of the request or return a response to the request, respectively (step 134).
  • The request result is also sent by the secure host 11 to the application server 13, if any (step 124), and the result is then sent to the requesting external node, such as the client 20 or the blockchain node 30 (not shown in the figure).
  • FIG. 3 shows a flowchart of an operation example of the hardware security device 12 in the key security management system 10 shown in FIG. 1.
  • In this example, the parsing result of the second operation request in step 132 indicates that the type of the second operation request is a request to generate the organization's master root key pair, and the data field of the second operation request contains the organization's identity.
  • In this case, when performing the operation related to the key pair associated with the identity based on the type of the second operation request (step 133), the hardware security device 12 is further configured to, in response to the type of the second operation request being a request to generate the organization's master root key pair, first generate a random key seed (step 1331), then use the key seed to generate the organization's master root key pair (step 1332), and store the master root key pair in its memory (step 1333).
  • The hardware security device 12 is further configured to destroy the key seed after generating the organization's master root key pair (step 1334).
  • The second operation request result in step 134 may include an indication that the organization's master root key was successfully generated.
  • FIG. 4 shows a flowchart of another operation example of the hardware security device 12 in the key security management system 10 shown in FIG. 1.
  • In this example, the parsing result of the second operation request in step 132 indicates that the type of the second operation request is a request to obtain the user's public key, and the data field of the second operation request contains the organization's identity and the user's identity.
  • The hardware security device 12 stores the organization's master root key pair.
  • In this case, when performing the operation related to the key pair associated with the identity based on the type of the second operation request (step 133), the hardware security device 12 is further configured to, in response to the type of the second operation request being a request to obtain the user's public key, determine the organization's master root key pair according to the organization's identity (step 1335), determine the user's key pair generation path based on the user's identity (step 1336), and derive the user's key pair based on the user's key pair generation path and the organization's master root key pair (step 1337).
  • The result of the second operation request in step 134 includes the public key in the user's key pair.
  • The system can predefine the mapping between identities and the paths of the derived child nodes (each user corresponds to a child node) under the hierarchical deterministic rules, so that the user's key pair generation path can be determined based on the user's identity.
  • For example, a hash operation can be performed on the combination of the user's identity and the organization's identity to obtain a hash value, and the user's key pair generation path is then determined based on the hash value and the hierarchical deterministic rules.
  • FIG. 5 shows a flowchart of still another operation example of the hardware security device 12 in the key security management system 10 shown in FIG.
  • the analysis result of the second operation request in step 132 indicates that the type of the second operation request is a request to sign the data to be signed, and the data field of the second operation request contains the organization's identity, the user's identity and the data to be signed.
  • the hardware security device 12 stores the master root key pair of the organization.
  • when performing an operation related to the key pair associated with the identity based on the type of the second operation request (step 133), the hardware security device 12 is further configured to, in response to the type of the second operation request being a request to sign the data to be signed: determine the organization's master root key pair according to the organization's identity (step 1339), determine the user's key pair generation path based on the user's identity (step 1340), derive the user's key pair based on the user's key pair generation path and the organization's master root key pair (step 1341), and use the private key in the user's key pair to sign the data to be signed to obtain signature data (step 1342).
  • the hardware security device 12 is further configured to destroy the user's private key after signing (not shown in the figure).
  • the result of the second operation request in step 134 includes the signature data.
  • Steps 1336 and/or 1340 may specifically include: performing a hash operation on the combination of the user's identity and the organization's identity to obtain a hash value, and determining the user's key pair generation path.
  • FIG. 4 and FIG. 5 are described taking as an example the organization's master root key pair being stored in advance in the hardware security device 12; however, those skilled in the art can understand that the present disclosure is not limited to this.
  • the hardware security device 12 may not store the organization's master root key pair in advance; instead, each time the user's public key or signature is requested, the method flow shown in FIG. 3 is executed to generate the organization's master root key pair as the basis for deriving the user's public or private key.
  • the hardware security device-specific device can be generated by referring to the method shown in FIG. 12 root key pair, and derive the master root key pair of each organization based on the relationship between the root key pair and each organization managed by the hardware security device 12 (similar to the examples shown in FIGS. 4 and 5 Derivation of the user's key pair).
  • only the root key pair specific to the hardware security device 12 may be stored in the hardware security device 12 without storing the key pair of any organization or its users.
  • the present disclosure effectively prevents unauthorized access by double authentication of the operation request by the host 11 and the hardware security device 12.
  • the present disclosure takes advantage of the high security features of the hardware security device 12 to perform key generation and use operations within the hardware security device 12.
  • the user's private key is destroyed after use, so that the user's private key will not leave the hardware security device 12 under any circumstances, that is, no device can obtain the user's private key.
  • only authorized devices can obtain a signature made with the user's private key, thereby ensuring a high degree of security of the user's private key.
  • the present disclosure determines the user's key based on hierarchical deterministic rules; therefore, where different sub-organizations, departments, or employees within an enterprise, or users or customers of the enterprise, each require a separate digital asset account, the private keys of these separate digital asset accounts can be managed easily without saving the private keys themselves, which greatly improves the security of digital asset management.
  • non-volatile computer-readable storage medium including machine-executable instructions, which can be executed by a computer to perform the key security management method 100 of the present disclosure.
  • the functions described in this disclosure may be implemented in hardware, software, firmware, or any combination thereof.
  • the functions can be stored as one or more instructions or code on a computer-readable storage medium, or transmitted as one or more instructions or code on a computer-readable medium.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
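
The path determination of steps 1336/1340 and the derivation of steps 1337/1341, sketched in Python as an added example (not code from the patent). It assumes SHA-256 for the hash, a four-level path of hardened indices, and BIP32-style private-key derivation as the hierarchical deterministic rule; the function names and the sample seed are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Assumptions (not from the patent): SHA-256, 4 path levels, and BIP32 hardened
# private-key derivation on secp256k1 as the hierarchical deterministic rule.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000
PATH_DEPTH = 4


def key_path(org_id, user_id):
    """Steps 1336/1340: hash (organization ID, user ID) into a derivation path."""
    fields = [org_id.encode(), user_id.encode()]
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    material = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    digest = hashlib.sha256(material).digest()
    # Every 4 digest bytes give one 31-bit child index, flagged as hardened.
    return [
        (int.from_bytes(digest[4 * i:4 * i + 4], "big") & 0x7FFFFFFF) | HARDENED
        for i in range(PATH_DEPTH)
    ]


def master_from_seed(seed):
    """Steps 1331-1332: master (private key, chain code) from a random seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(i[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("unusable seed, generate a new one")
    return key, i[32:]


def derive_child(key, chain, index):
    """One hardened BIP32 step: the child depends on the parent private key."""
    data = b"\x00" + key.to_bytes(32, "big") + struct.pack(">I", index)
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + key) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key at this index")
    return child, i[32:]


def user_private_key(org_master, org_id, user_id):
    """Steps 1337/1341: walk the path from the organization's master key."""
    key, chain = org_master
    for index in key_path(org_id, user_id):
        key, chain = derive_child(key, chain, index)
    return key


if __name__ == "__main__":
    master = master_from_seed(bytes(range(32)))  # constructed sample seed
    print(user_private_key(master, "org-1", "alice") != user_private_key(master, "org-1", "bob"))
```

Because the path is recomputed from the two identities on every request, the device needs to hold only the organization's master root key pair, and the derived private key can be discarded after each signature.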

PCT/CN2019/129769 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program Ceased WO2020135853A1 (zh)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US17/309,831 US12058252B2 (en) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program
EP19906368.6A EP3879747A4 (en) 2018-12-29 2019-12-30 KEY, MEDIA, AND COMPUTER PROGRAM SECURITY MANAGEMENT SYSTEM AND METHOD
SG11202106514TA SG11202106514TA (en) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program
JP2021537206A JP7426031B2 (ja) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811633995.X 2018-12-29
CN201811633995.XA CN109687959B (zh) 2018-12-29 2018-12-29 Key security management system and method, medium, and computer program

Publications (1)

Publication Number Publication Date
WO2020135853A1 (zh) 2020-07-02

Family

ID=66191138

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/129769 Ceased WO2020135853A1 (zh) 2018-12-29 2019-12-30 Key security management system and method, medium, and computer program

Country Status (6)

Country Link
US (1) US12058252B2 (en)
EP (1) EP3879747A4 (en)
JP (1) JP7426031B2 (en)
CN (1) CN109687959B (en)
SG (1) SG11202106514TA (en)
WO (1) WO2020135853A1 (en)

Also Published As

Publication number Publication date
CN109687959B (zh) 2021-11-12
US20220078009A1 (en) 2022-03-10
EP3879747A4 (en) 2022-08-10
CN109687959A (zh) 2019-04-26
US12058252B2 (en) 2024-08-06
JP2022515467A (ja) 2022-02-18
JP7426031B2 (ja) 2024-02-01
SG11202106514TA (en) 2021-07-29
EP3879747A1 (en) 2021-09-15

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19906368

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2019906368

Country of ref document: EP

Effective date: 20210611

ENP Entry into the national phase

Ref document number: 2021537206

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE