WO2024114205A1 - Key negotiation method and apparatus - Google Patents

Publication number
WO2024114205A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
temporary
identity
private key
terminal device
Prior art date
Application number
PCT/CN2023/127472
Inventor
包施晗
徐晖
梁亚从
Original Assignee
大唐移动通信设备有限公司
Priority date
Filing date
Publication date
Application filed by 大唐移动通信设备有限公司
Publication of WO2024114205A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy

Definitions

  • the present disclosure relates to the field of communication technology, and in particular to a key negotiation method and device.
  • Ubiquitous network devices have a large number of terminal devices. In order to ensure network security, mutual authentication between devices requires an appropriate authentication system.
  • the traditional authentication system public key infrastructure relies on a trusted third party. However, due to the large scale and large number of nodes in the ubiquitous network, once the trusted third party is attacked, the reliability of network authentication cannot be guaranteed.
  • the purpose of the present disclosure is to provide a key negotiation method and apparatus to solve the problem in the related art that authentication between devices depends on a trusted third party, and the reliability of network authentication cannot be guaranteed when the trusted third party is attacked.
  • the present disclosure provides a key negotiation method, comprising:
  • the first terminal device sends first key agreement authentication information to the blockchain network, and obtains second key agreement authentication information sent by the second terminal device from the blockchain network; wherein the first key agreement authentication information includes the first identity identifier, the first temporary public key and the first temporary private key of the first terminal device, and the second key agreement authentication information includes the second identity identifier, the second temporary public key and the second temporary private key of the second terminal device;
  • the first terminal device generates a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and a first random number, and the first private key is generated by a key generation center and is related to the first identity
  • the first random number is a random number used to generate the first temporary public key
  • the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number
  • the second private key is a private key generated by a key generation center and related to the second identity
  • the second random number is a random number used to generate the second temporary public key
  • the first terminal device generates a first session key, including:
  • the first terminal device generates at least one shared key, where the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
  • a first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
  • the first terminal device generates at least one shared key, including at least one of the following:
  • the root public key is generated by a key generation center.
  • Za1 represents the first shared key
  • S ID1 represents the first private key
  • R ID2 represents the second temporary private key
  • H 2 represents the second hash function
  • P pub represents the root public key
  • ID2 represents the identity of the second terminal device.
  • Za2 represents the second shared key
  • r1 represents the first random number
  • RID2 represents the second temporary private key
  • H 2 represents the second hash function
  • ID2 represents the identity of the second terminal device
  • P pub represents the root public key.
  • Za3 represents the third shared key
  • S ID1 represents the first private key
  • T ID2 represents the second temporary public key
  • Za4 represents the fourth shared key
  • r1 represents the first random number
  • TID2 represents the second temporary public key
  • the disclosed embodiment also provides a key negotiation device, including a memory, a transceiver, and a processor;
  • a memory for storing a computer program; a transceiver for transmitting and receiving data under the control of the processor; and a processor for reading the computer program in the memory and performing the following operations:
  • first key agreement authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device
  • second key agreement authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device
  • first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
  • the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number
  • the second private key is a private key generated by a key generation center and related to the second identity
  • the second random number is a random number used to generate the second temporary public key
  • a first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
  • when executing the program, the processor further implements the following steps:
  • the root public key is generated by a key generation center.
  • the present disclosure also provides a key negotiation device, including:
  • a first transceiver unit is used to send first key negotiation authentication information to a blockchain network, and obtain second key negotiation authentication information sent by a second terminal device from the blockchain network; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device;
  • a first generating unit configured to generate a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
  • a first determination unit is used to determine that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as the second session key, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
  • An embodiment of the present disclosure further provides a processor-readable storage medium, wherein the processor-readable storage medium stores a computer program, and the computer program is used to enable the processor to execute the steps of the key negotiation method as described above.
  • the first terminal device and the second terminal device exchange corresponding key negotiation authentication information through the blockchain network, and then the two terminal devices generate corresponding session keys based on the key negotiation authentication information obtained from the blockchain network. If the session keys generated by the first terminal device and the second terminal device are consistent, it is determined that the key negotiation between the first terminal device and the second terminal device is successful.
  • the key negotiation authentication information is exchanged through the blockchain network, and there is no need to authenticate through a third-party authentication system, thereby effectively avoiding the risk of information leakage due to attacks on the third-party authentication system, and enhancing the security of bilateral authentication (that is, the key negotiation is successful only when the session keys generated by the two terminal devices are the same), thereby effectively improving the reliability of authentication.
  • FIG1 is a structural diagram of a network system to which the embodiments of the present disclosure can be applied;
  • FIG2 is a schematic diagram showing a flow chart of a key negotiation method according to an embodiment of the present disclosure
  • FIG3 is a system architecture diagram of a key negotiation method according to an embodiment of the present disclosure.
  • FIG4 is a block diagram showing a key agreement device according to an embodiment of the present disclosure.
  • FIG5 is a schematic diagram showing modules of a key negotiation device according to an embodiment of the present disclosure.
  • the applicable systems may be the Global System of Mobile communication (GSM) system, the Code Division Multiple Access (CDMA) system, the Wideband Code Division Multiple Access (WCDMA) system, the Time Division Synchronous Code Division Multiple Access (TD-SCDMA) system, the General Packet Radio Service (GPRS) system, the Long Term Evolution (LTE) system (including Time Division Duplex LTE (TDD-LTE) and Frequency Division Duplex LTE (FDD LTE)), the Long Term Evolution Advanced (LTE-A) system, Universal Mobile Telecommunication System (UMTS), Worldwide Interoperability For Microwave Access (WiMAX) system, 5G New Radio (NR) system, etc.
  • FIG1 shows a block diagram of a wireless communication system applicable to the embodiment of the present disclosure.
  • the wireless communication system includes a terminal 11 and a network device 12.
  • the terminal 11 may also be referred to as a terminal device or a user equipment (UE, also referred to as a terminal).
  • the terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a handheld computer, a netbook, an ultra-mobile personal computer (Ultra-Mobile Personal Computer, UMPC), a mobile Internet device (Mobile Internet Device, MID), a wearable device (Wearable Device) or a vehicle-mounted device (VUE), a pedestrian terminal (Pedestrian User Equipment, PUE) and other terminal side devices.
  • the wearable device includes: a bracelet, a headset, glasses, etc. It should be noted that the specific type of the terminal 11 is not limited in the embodiment of the present disclosure.
  • the network device 12 can be a base station or a core network, wherein the base station can be referred to as a node B, an evolved node B, an access point, a base transceiver station (Base Transceiver Station, BTS), a radio base station, a radio transceiver, a basic service set (Basic Service Set, BSS), an extended service set (Extended Service Set, ESS), a B node, an evolved B node (eNB), a home B node, a home evolved B node, a wireless local area network (Wireless Local Area Network, WLAN) access point, a WiFi node, a transmitting and receiving point (Transmitting Receiving Point, TRP) or some other appropriate term in the field.
  • the base station is not limited to specific technical vocabulary. It should be noted that in the embodiments of the present disclosure, only the base station in the NR system is taken as an example, but the specific type of the base station is not limited.
  • Ubiquitous network is the ability to provide network services and communications for various types of applications or services at any time, anywhere, in any service and in any way.
  • the development of ubiquitous network is accompanied by the development of various network technologies.
  • Various complex network systems need to be integrated into the same network. How to reasonably allocate network resources to terminals in the case of different network terminal users and different network operators is a challenge that the 6G network needs to face.
  • Blockchain technology is a chain data structure that combines data in the form of blocks in chronological order through a hash algorithm, and uses cryptography to form a distributed digital ledger that is extremely difficult to tamper with and cannot be forged, which can store data and information with a sequential relationship.
  • the implementation of blockchain is based on the combination of cryptography, distributed storage, consensus algorithms, and peer-to-peer networks, making it decentralized, distributed, traceable, difficult to tamper with, and open and transparent.
  • the present disclosure provides a key negotiation method, including:
  • Step 201 The first terminal device sends first key negotiation authentication information to the blockchain network, and obtains second key negotiation authentication information sent by the second terminal device from the blockchain network; wherein the first key negotiation authentication information includes the first identity identifier, the first temporary public key and the first temporary private key of the first terminal device, and the second key negotiation authentication information includes the second identity identifier, the second temporary public key and the second temporary private key of the second terminal device.
  • the system architecture of the key negotiation method of the embodiment of the present disclosure is shown in FIG3 and is divided into three layers, namely, the terminal layer, the edge layer, and the central computing layer.
  • the terminal layer includes ubiquitous network terminal devices, such as UE, Internet of Things (IoT) and other terminal devices, which are characterized by limited computing power and network capabilities.
  • the edge layer includes edge nodes or edge servers, which have certain computing power and network capabilities, and are used to collect and process data from terminal devices, and transmit data to the central computing layer.
  • the edge layer also plays the role of a blockchain node, which is used to maintain the operation of the blockchain and the distributed storage of electronic ledgers.
  • the central computing layer includes cloud servers, which include a key generation center.
  • the system is first initialized, and the key generation center generates system parameters, root private key and root public key.
  • the key generation center selects a security parameter $k \in \mathbb{Z}^+$ as an input parameter to generate $\{p, F_p, G, P, H_1, H_2\}$, where $p$ is a prime number of $k$ bits, $F_p$ is a finite field with $p$ elements, $G$ is an elliptic curve group with prime order $q$ over the finite field $F_p$, $P$ is a generator of $G$, and $H_2$ is any
  • the hash function maps a bit string of arbitrary length to the elliptic curve group $G$, where $H_1$ is the hash function of a bit string of arbitrary length.
  • the key generation center determines $\{p, q, F_p, G, P, H_1, H_2, P_{pub}\}$ as the system parameters and stores the root key $x$ separately and securely.
  • the private key pair of the first terminal device obtained by the key generation center is ( RID1 , SID1 ), and the private key pair of the second terminal device is ( RID2 , SID2 ).
  • the first temporary private key may be specifically R ID1 .
  • the second temporary private key may be specifically R ID2 .
  • the first terminal device sends (ID1, R ID1 , T ID1 ) to the blockchain network
  • the second terminal device sends (ID2, R ID2 , T ID2 ) to the blockchain network
  • the first terminal device obtains (ID2, R ID2 , T ID2 ) from the blockchain network
  • the second terminal device obtains (ID1, R ID1 , T ID1 ) from the blockchain network.
  • the first terminal device and the second terminal device negotiate a key based on the information obtained from the blockchain network.
  • Step 202 The first terminal device generates a first session key, which is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key and the first random number.
  • the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key.
  • the first private key may specifically be S ID1 in the private key pair of the first terminal device.
  • Step 203 If the first session key is the same as the second session key, determine that the key negotiation between the first terminal device and the second terminal device is successful, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
  • the second private key may specifically be S ID2 in the private key pair of the second terminal device.
  • the first terminal device and the second terminal device exchange corresponding key negotiation authentication information through the blockchain network, and then the two terminal devices generate corresponding session keys based on the key negotiation authentication information obtained from the blockchain network. If the session keys generated by the first terminal device and the second terminal device are consistent, it is determined that the key negotiation between the first terminal device and the second terminal device is successful.
  • the key negotiation authentication information is exchanged through the blockchain network, and there is no need to authenticate through a third-party authentication system, thereby effectively avoiding the risk of information leakage due to attacks on the third-party authentication system, and enhancing the security of bilateral authentication (that is, the key negotiation is successful only when the session keys generated by the two terminal devices are the same), thereby effectively improving the reliability of authentication.
  • the first terminal device generates a first session key, including:
  • the first terminal device generates at least one shared key, where the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
  • a first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
  • the first Hash function may specifically be the above-mentioned H 1 .
  • the first terminal device generates at least one shared key through the parameters in the first key negotiation authentication information and the parameters in the second key negotiation authentication information, and performs encryption processing through the first hash function to obtain a first session key.
  • the generation process of the first session key does not require heavy calculations, which reduces the calculation cost, and does not require multiple rounds of communication verification between the two devices (the communication channel between the devices is a public channel, which has security risks and side channel attacks), which can effectively ensure security.
  • the first terminal device generates at least one shared key, including at least one of the following:
  • According to the first private key, the second temporary private key, the second identity, the root public key and the second Hash function, generating a first shared key
  • the root public key is generated by a key generation center.
  • Za1 represents the first shared key
  • S ID1 represents the first private key
  • R ID2 represents the second temporary private key
  • H 2 represents the second hash function
  • P pub represents the root public key
  • ID2 represents the identity of the second terminal device.
  • Za2 represents the second shared key
  • r1 represents the first random number
  • RID2 represents the second temporary private key
  • H2 represents the second hash function
  • ID2 represents the identity of the second terminal device
  • Ppub represents the root public key.
  • Za3 represents the third shared key
  • S ID1 represents the first private key
  • T ID2 represents the second temporary public key
  • Za4 represents the fourth shared key
  • r1 represents the first random number
  • TID2 represents the second temporary public key
  • H1 represents the above-mentioned first hash function
  • K1 represents the first session key
  • H1 represents the above-mentioned first hash function
  • K2 represents the second session key
  • Zb1 is the first shared key generated by the second terminal device
  • Zb2 is the second shared key generated by the second terminal device
  • Zb3 is the third shared key generated by the second terminal device
  • Zb4 is the fourth shared key generated by the second terminal device.
  • S ID2 represents the second private key
  • R ID1 represents the first temporary private key
  • H 2 represents the second hash function
  • P pub represents the root public key
  • ID1 represents the identity of the first terminal device.
  • r 2 represents a first random number
  • R ID1 represents a first temporary private key
  • H 2 represents a second hash function
  • ID1 represents an identity identifier of the first terminal device
  • P pub represents a root public key.
  • S ID2 represents the second private key
  • T ID1 represents the first temporary public key
  • r 2 represents a first random number
  • T ID1 represents a first temporary public key
  • If K1 and K2 are consistent, it is determined that the key negotiation between the first terminal device and the second terminal device is successful, and a session is established between the first terminal device and the second terminal device; otherwise, it is determined that the key negotiation between the first terminal device and the second terminal device is unsuccessful, and the session establishment between the first terminal device and the second terminal device is abandoned.
  • the key negotiation method disclosed in the present invention includes:
  • the key generation center generates security parameters $\{p, F_p, G, P, H_1, H_2\}$ according to the identity-based algorithm;
  • the key generation center generates a root private key and obtains the root public key $P_{pub}$ through calculation;
  • the system security parameters output by the key generation center include $\{p, q, F_p, G, P, H_1, H_2, P_{pub}\}$.
  • Device 1 sends the unique identification ID1 to the key generation center through a secure private channel
  • Device 2 sends the unique identification ID2 to the key generation center through a secure private channel
  • the key generation center generates a private key pair (R ID1 , s ID1 ) of device 1 using the received unique identifier ID1 as input, and returns it to device 1 through a secure private channel; the key generation center generates a private key pair (R ID2 , s ID2 ) of device 2 using the received unique identifier ID2 as input, and returns it to device 2 through a secure private channel;
  • Device 1 and Device 2 receive and verify the correctness of the private key pair. If the confirmation is correct, the private key pair is retained and the corresponding public key is generated through the identification; if the confirmation fails, the private key is abandoned;
  • Device 1 generates a first temporary private key R ID1 and a first temporary public key T ID1 , and sends (ID1, R ID1 , T ID1 ) to the blockchain network, and device 2 obtains device 1 related information (ID1, R ID1 , T ID1 ) from the blockchain;
  • Device 2 generates a second temporary private key R ID2 and a second temporary public key T ID2 , and sends (ID2, R ID2 , T ID2 ) to the blockchain network, and device 1 obtains device 2 related information (ID2, R ID2 , T ID2 ) from the blockchain network;
  • Device 1 generates shared keys, such as Za1 , Za2 , Za3 and Za4 , according to the acquired relevant information of device 2, and obtains the first session key K1 based on the shared keys.
  • If K1 is consistent with K2, it is determined that the key negotiation between the first terminal device and the second terminal device is successful.
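The steps above as an added Python sketch (not code from the patent): key extraction by the key generation center, the device-side key check, the ledger exchange and both session-key computations. The page lists only the inputs of each shared key, so the formulas for s_ID and the four shared values, the use of secp256k1 and SHA-256, and every function name are assumptions; R_ID is treated as a public curve point because it is published on the ledger.

```python
# Added illustration, not code from the patent. Assumed: secp256k1 as G, SHA-256
# for H1/H2, and the formulas for s_ID and Z1..Z4 (the page names only their inputs).
import hashlib
import secrets

p = 2**256 - 2**32 - 977                                                  # field prime
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141    # group order
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator

def on_curve(A):
    return A is not None and (A[1] ** 2 - A[0] ** 3 - 7) % p == 0

def add(A, B):
    """Point addition; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, A):
    """Double-and-add; not constant time, for illustration only."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, A)
        A = add(A, A)
        k >>= 1
    return acc

def enc(*parts):
    """Length-prefixed encoding of strings and points, so hash inputs are unambiguous."""
    out = b""
    for part in parts:
        if isinstance(part, str):
            raw = part.encode()
        else:
            raw = part[0].to_bytes(32, "big") + part[1].to_bytes(32, "big")
        out += len(raw).to_bytes(2, "big") + raw
    return out

def H2(identity, R):
    # Assumed to map (ID, R_ID) to a scalar modulo q.
    return int.from_bytes(hashlib.sha256(b"H2" + enc(identity, R)).digest(), "big") % q

def H1(*parts):
    return hashlib.sha256(b"H1" + enc(*parts)).hexdigest()

def kgc_setup():
    x = secrets.randbelow(q - 1) + 1           # root private key, kept by the KGC
    return x, mul(x, P)                        # (x, P_pub)

def kgc_extract(x, identity):
    r = secrets.randbelow(q - 1) + 1
    R = mul(r, P)
    return R, (r + x * H2(identity, R)) % q    # (R_ID, s_ID)

def verify_private_key(identity, R, s, Ppub):
    """Device-side check of the pair returned by the KGC."""
    return mul(s, P) == add(R, mul(H2(identity, R), Ppub))

def ephemeral():
    r = secrets.randbelow(q - 1) + 1
    return r, mul(r, P)                        # (random number r_i, T_IDi)

def session_key(my_id, my_s, my_r, peer_record, Ppub, first):
    peer_id, peer_R, peer_T = peer_record      # record read from the ledger
    if not (on_curve(peer_R) and on_curve(peer_T)):
        raise ValueError("ledger record holds an invalid curve point")
    Q = add(peer_R, mul(H2(peer_id, peer_R), Ppub))    # equals s_peer * P
    z1, z2 = mul(my_s, Q), mul(my_r, Q)
    z3, z4 = mul(my_s, peer_T), mul(my_r, peer_T)
    if first:                                  # device 1: Za1, Za2, Za3, Za4
        return H1(my_id, peer_id, z1, z2, z3, z4)
    return H1(peer_id, my_id, z1, z3, z2, z4)  # device 2: Zb3 pairs with Za2, Zb2 with Za3

def run_exchange(tamper=False):
    x, Ppub = kgc_setup()
    R1, s1 = kgc_extract(x, "ID1")
    R2, s2 = kgc_extract(x, "ID2")
    assert verify_private_key("ID1", R1, s1, Ppub) and verify_private_key("ID2", R2, s2, Ppub)
    r1, T1 = ephemeral()
    r2, T2 = ephemeral()
    ledger = {"ID1": ("ID1", R1, T1), "ID2": ("ID2", R2, T2)}  # constructed stand-in for the chain
    if tamper:                                 # record altered after device 2 wrote it
        ledger["ID2"] = ("ID2", R2, mul(2, T2))
    K1 = session_key("ID1", s1, r1, ledger["ID2"], Ppub, first=True)
    K2 = session_key("ID2", s2, r2, ledger["ID1"], Ppub, first=False)
    return K1, K2
```

`run_exchange()` returns two equal keys for an untouched ledger and two different keys with `tamper=True`, which is the comparison Step 203 uses to accept or abandon the session.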
  • the key negotiation scheme of the disclosed embodiment has the characteristics of being lightweight and preventing information leakage, and can be applied to ubiquitous network architectures.
  • In ubiquitous network architectures, there are a large number of terminal devices, and the computing power and power are limited.
  • the distributed edge server can effectively process and store the requests and data services of terminal devices and users within the coverage area through the management of edge nodes.
  • the blockchain as a decentralized distributed electronic ledger, can be introduced into the ubiquitous network to realize a trusted network architecture and effectively avoid single point failures, thereby improving the reliability and security of the network. It can provide authentication and authorization for all devices in the network, solving the problem of difficult authentication management caused by the large number of terminal devices in the ubiquitous network.
  • the key negotiation authentication scheme of the disclosed embodiment achieves the purpose of certificateless authentication with low overhead, low cost and high security with the help of the blockchain network, and has better scalability and portability.
  • the embodiment of the present disclosure further provides a key negotiation device, including a memory 420, a transceiver 400, and a processor 410;
  • the memory 420 is used to store computer programs; the transceiver 400 is used to send and receive data under the control of the processor 410; the processor 410 is used to read the computer program in the memory and perform the following operations:
  • first key agreement authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device
  • second key agreement authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device
  • first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
  • the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number
  • the second private key is a private key generated by a key generation center and related to the second identity
  • the second random number is a random number used to generate the second temporary public key
  • the bus architecture may include any number of interconnected buses and bridges, specifically one or more processors represented by processor 410 and various circuits of memory represented by memory 420 are linked together.
  • the bus architecture can also link together various other circuits such as peripherals, voltage regulators, and power management circuits, which are all well known in the art and are therefore not further described herein.
  • the bus interface provides an interface.
  • the transceiver 400 may be a plurality of components, namely, a transmitter and a receiver, providing a unit for communicating with various other devices on a transmission medium, and these transmission media include wireless channels, wired channels, optical cables and other transmission media.
  • the user interface 430 may also be an interface that can be connected to external or internal devices, and the connected devices include but are not limited to a keypad, a display, a speaker, a microphone, a joystick, etc.
  • the processor 410 is responsible for managing the bus architecture and general processing, and the memory 420 can store data used by the processor 410 when performing operations.
  • processor 410 can be a central processing unit (CPU), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or a complex programmable logic device (CPLD), and the processor can also adopt a multi-core architecture.
  • the processor calls the computer program stored in the memory to execute any of the methods provided by the embodiments of the present disclosure according to the obtained executable instructions.
  • the processor and the memory can also be arranged physically separately.
  • when executing the program, the processor 410 further implements the following steps:
  • a first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
  • when executing the program, the processor 410 further implements at least one of the following steps:
  • the root public key is generated by a key generation center.
  • $Z_{a1}$ represents the first shared key
  • $S_{ID1}$ represents the first private key
  • $R_{ID2}$ represents the second temporary private key
  • $H_2$ represents the second hash function
  • $P_{pub}$ represents the root public key
  • $ID2$ represents the identity of the second terminal device.
  • $Z_{a2}$ represents the second shared key
  • $r_1$ represents the first random number
  • $R_{ID2}$ represents the second temporary private key
  • $H_2$ represents the second hash function
  • $ID2$ represents the identity of the second terminal device
  • $P_{pub}$ represents the root public key.
  • $Z_{a3}$ represents the third shared key
  • $S_{ID1}$ represents the first private key
  • $T_{ID2}$ represents the second temporary public key
  • $Z_{a4}$ represents the fourth shared key
  • $r_1$ represents the first random number
  • $T_{ID2}$ represents the second temporary public key
  • the embodiment of the present disclosure further provides a key negotiation device, including:
  • the first transceiver unit 501 is used to send first key negotiation authentication information to the blockchain network, and obtain second key negotiation authentication information sent by the second terminal device from the blockchain network; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device;
  • a first generating unit 502 is configured to generate a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
  • the first determination unit 503 is used to determine that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as the second session key, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity identifier, and the second random number is a random number used to generate the second temporary public key.
  • the first generating unit 502 includes:
  • a first generating subunit configured to generate at least one shared key, wherein the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
  • the second generating subunit is used to generate a first session key according to the at least one shared key, the first identity, the second identity and the first Hash function.
  • the first generating subunit is used to perform at least one of the following:
  • the root public key is generated by a key generation center.
  • $Z_{a1}$ represents the first shared key
  • $S_{ID1}$ represents the first private key
  • $R_{ID2}$ represents the second temporary private key
  • $H_2$ represents the second hash function
  • $P_{pub}$ represents the root public key
  • $ID2$ represents the identity of the second terminal device.
  • $Z_{a2}$ represents the second shared key
  • $r_1$ represents the first random number
  • $R_{ID2}$ represents the second temporary private key
  • $H_2$ represents the second hash function
  • $ID2$ represents the identity of the second terminal device
  • $P_{pub}$ represents the root public key.
  • $Z_{a3}$ represents the third shared key
  • $S_{ID1}$ represents the first private key
  • $T_{ID2}$ represents the second temporary public key
  • $Z_{a4}$ represents the fourth shared key
  • $r_1$ represents the first random number
  • $T_{ID2}$ represents the second temporary public key
  • each functional unit in each embodiment of the present disclosure may be integrated into a processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit may be implemented in the form of hardware or in the form of software functional units.
  • if the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a processor-readable storage medium.
  • the technical solution of the present disclosure is essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of a software product.
  • the computer software product is stored in a storage medium, including several instructions to enable a computer device (which can be a personal computer, server, or network device, etc.) or a processor (processor) to perform all or part of the steps of the method described in each embodiment of the present disclosure.
  • the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), disk or optical disk and other media that can store program code.
  • a processor-readable storage medium stores program instructions, and the program instructions are used to enable the processor to execute the following steps:
  • first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device
  • second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device
  • first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
  • the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number
  • the second private key is a private key generated by a key generation center and related to the second identity
  • the second random number is a random number used to generate the second temporary public key
  • the terminal device involved in the embodiments of the present disclosure may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or other processing devices connected to a wireless modem.
  • the name of the terminal device may also be different.
  • the terminal device may be called a user equipment (UE).
  • UE user equipment
  • a wireless terminal device may communicate with one or more core networks (CN) via a radio access network (RAN).
  • CN core networks
  • RAN radio access network
  • the wireless terminal device may be a mobile terminal device, such as a mobile phone (or a "cellular" phone) and a computer with a mobile terminal device.
  • the wireless terminal device may also be referred to as a system, a subscriber unit, a subscriber station, a mobile station, a mobile station, a remote station, an access point, a remote terminal device, an access terminal device, a user terminal device, a user agent, and a user device, but is not limited to these in the embodiments of the present disclosure.
  • the network device involved in the embodiments of the present disclosure may be a base station, which may include multiple cells providing services for terminals.
  • a base station may also be called an access point, or it can be a device in the access network that communicates with the wireless terminal device over the air interface through one or more sectors, or it may have other names.
  • the network device can be used to convert received air frames into Internet Protocol (IP) packets and act as a router between the wireless terminal device and the rest of the access network, where the rest of the access network may include an Internet Protocol (IP) communication network.
  • IP Internet Protocol
  • the network device can also coordinate the attribute management of the air interface.
  • the network device involved in the embodiments of the present disclosure may be a network device (Base Transceiver Station, BTS) in the Global System for Mobile communications (GSM) or Code Division Multiple Access (CDMA), or a network device (NodeB) in Wide-band Code Division Multiple Access (WCDMA), or an evolutionary network device (evolutional Node B, eNB or e-NodeB) in the Long Term Evolution (LTE) system, a 5G base station (gNB) in the 5G network architecture (next generation system), or a Home evolved Node B (HeNB), a relay node, a femto, a pico, etc., which is not limited in the embodiments of the present disclosure.
  • the network device may include a Centralized Unit (CU) node and a Distributed Unit (DU) node, and the Centralized Unit and the Distributed Unit may also be arranged geographically separately.
  • CU Central
  • Network devices and terminal devices can each use one or more antennas for multiple input multiple output (MIMO) transmission.
  • MIMO transmission can be single user MIMO (SU-MIMO) or multi-user MIMO (MU-MIMO).
  • MIMO transmission can be two-dimensional MIMO (2D-MIMO), three-dimensional MIMO (3D-MIMO), full-dimensional MIMO (FD-MIMO) or massive MIMO, or it can be diversity transmission, precoded transmission or beamforming transmission, etc.
  • the embodiments of the present disclosure may be provided as methods, systems, or computer program products. Therefore, the present disclosure may take the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present disclosure may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) containing computer-usable program code.
  • each process and/or box in the flowchart and/or block diagram, as well as the combination of the process and/or box in the flowchart and/or block diagram can be implemented by computer executable instructions.
  • These computer executable instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a device for implementing the functions specified in one process or multiple processes in the flowchart and/or one box or multiple boxes in the block diagram.
  • processor-executable instructions may also be stored in a processor-readable memory that can direct a computer or other programmable data processing device to operate in a specific manner, so that the instructions stored in the processor-readable memory produce a product including an instruction device that implements the functions specified in one or more processes in the flowchart and/or one or more boxes in the block diagram.
  • processor-executable instructions may also be loaded onto a computer or other programmable data processing device so that a series of operational steps are executed on the computer or other programmable device to produce a computer-implemented process, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows in the flowchart and/or one or more blocks in the block diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Provided in the present disclosure are a key negotiation method and apparatus. The method of the present disclosure comprises: a first terminal device sending first key negotiation authentication information to a blockchain network, and acquiring from the blockchain network second key negotiation authentication information, which is sent by a second terminal device, wherein the first key negotiation authentication information comprises a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device, and the second key negotiation authentication information comprises a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device; the first terminal device generating a first session key, wherein the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, a first private key and a first random number; and when the first session key is the same as a second session key, determining that key negotiation between the first terminal device and the second terminal device is successful.

Description

Key negotiation method and device
CROSS-REFERENCE TO RELATED APPLICATIONS
This disclosure claims priority to the Chinese patent application filed with the China Patent Office on November 30, 2022, with application number 202211523295.1 and application name "Key Negotiation Method and Device", the entire contents of which are incorporated by reference in this disclosure.
Technical Field
The present disclosure relates to the field of communication technology, and in particular to a key negotiation method and device.
Background
Ubiquitous network devices have a large number of terminal devices. In order to ensure network security, mutual authentication between devices requires an appropriate authentication system. The traditional authentication system, public key infrastructure, relies on a trusted third party. However, due to the large scale and large number of nodes in the ubiquitous network, once the trusted third party is attacked, the reliability of network authentication cannot be guaranteed.
Summary of the invention
The purpose of the present disclosure is to provide a key negotiation method and apparatus to solve the problem in the related art that authentication between devices depends on a trusted third party, and the reliability of network authentication cannot be guaranteed when the trusted third party is attacked.
In order to achieve the above object, the present disclosure provides a key negotiation method, comprising:
The first terminal device sends first key agreement authentication information to the blockchain network, and obtains second key agreement authentication information sent by the second terminal device from the blockchain network; wherein the first key agreement authentication information includes the first identity identifier, the first temporary public key and the first temporary private key of the first terminal device, and the second key agreement authentication information includes the second identity identifier, the second temporary public key and the second temporary private key of the second terminal device;
The first terminal device generates a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
When the first session key and the second session key are the same, it is determined that the key negotiation between the first terminal device and the second terminal device is successful, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
Optionally, the first terminal device generates a first session key, including:
The first terminal device generates at least one shared key, where the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
A first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
Optionally, the first terminal device generates at least one shared key, including at least one of the following:
Generate a first shared key according to the first private key, the second temporary private key, the second identity, the root public key, and the second hash function;
Generate a second shared key according to the first random number, the second temporary private key, the second identity, the root public key, and the second hash function;
Generate a third shared key according to the first private key and the second temporary public key;
Generate a fourth shared key according to the first random number and the second temporary public key;
Wherein, the root public key is generated by a key generation center.
Optionally, the first shared key satisfies the following formula:
$$Z_{a1} = [S_{ID1}]\left(R_{ID2} + [H_2(ID2 \,\|\, R_{ID2})]P_{pub}\right);$$
Wherein, $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity of the second terminal device.
Optionally, the second shared key satisfies the following formula:
$$Z_{a2} = [r_1]\left(R_{ID2} + [H_2(ID2 \,\|\, R_{ID2})]P_{pub}\right);$$
Wherein, $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity of the second terminal device, and $P_{pub}$ represents the root public key.
Optionally, the third shared key satisfies the following formula:
$$Z_{a3} = [S_{ID1}]T_{ID2};$$
Wherein, $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
Optionally, the fourth shared key satisfies the following formula:
$$Z_{a4} = [r_1]T_{ID2};$$
Wherein, $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
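The four shared-key formulas above, run end to end for both devices, as an added example that is not code from the patent. It assumes secp256k1 as the curve, SHA-256 for H1 and H2, a key generation center that extracts S_ID = r_ID + H2(ID||R_ID)·s with R_ID = [r_ID]G and P_pub = [s]G, and it treats R_ID as a curve point because the formula adds it to one; the class and function names are hypothetical.

```python
import hashlib
import secrets

# secp256k1 domain parameters. The curve is an assumption; the page names none.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p, q):
    # Affine point addition; None is the point at infinity.
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    # [k]pt by double-and-add. Not constant time: for illustration only.
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def on_curve(pt):
    # Accept only finite secp256k1 points (cofactor 1, so no subgroup check).
    if pt is None:
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - x * x * x - 7) % P == 0

def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def h2(identity, R):
    # H2(ID || R_ID) as a scalar; SHA-256 with a length prefix is an assumption.
    data = b"H2" + len(identity).to_bytes(2, "big") + identity + enc(R)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def h1(id1, id2, shared):
    # Session key = H1(ID1, ID2, shared keys); SHA-256 is an assumption.
    parts = [len(i).to_bytes(2, "big") + i for i in (id1, id2)] + [enc(z) for z in shared]
    return hashlib.sha256(b"H1" + b"".join(parts)).digest()

class KGC:
    # Key generation center. The extraction rule in extract() is an assumption.
    def __init__(self):
        self.s = secrets.randbelow(N - 1) + 1        # master secret
        self.p_pub = mul(self.s, G)                  # root public key P_pub

    def extract(self, identity):
        r_id = secrets.randbelow(N - 1) + 1
        R = mul(r_id, G)                             # R_ID on the page
        S = (r_id + h2(identity, R) * self.s) % N    # [S_ID]G = R_ID + [H2]P_pub
        return S, R

class Device:
    def __init__(self, identity, kgc_key, p_pub):
        self.id, self.p_pub = identity, p_pub
        self.S, self.R = kgc_key                     # private key S_ID and R_ID
        self.r = secrets.randbelow(N - 1) + 1        # the device's random number
        self.T = mul(self.r, G)                      # temporary public key T_ID

    def message(self):
        # Values exchanged through the ledger in this sketch.
        return (self.id, self.T, self.R)

    def session_key(self, peer_msg, first):
        pid, pT, pR = peer_msg
        if not (on_curve(pT) and on_curve(pR)):
            raise ValueError("peer sent a value that is not a curve point")
        peer_pub = add(pR, mul(h2(pid, pR), self.p_pub))  # R_ID2 + [H2(ID2||R_ID2)]P_pub
        if peer_pub is None:
            raise ValueError("degenerate peer key")
        za1, za2 = mul(self.S, peer_pub), mul(self.r, peer_pub)
        za3, za4 = mul(self.S, pT), mul(self.r, pT)
        # Za2 on one side equals Za3 on the other, so the second device swaps them.
        shared = (za1, za2, za3, za4) if first else (za1, za3, za2, za4)
        ids = (self.id, pid) if first else (pid, self.id)
        return h1(ids[0], ids[1], shared)

def demo():
    kgc, rogue = KGC(), KGC()
    a = Device(b"ID1", kgc.extract(b"ID1"), kgc.p_pub)
    b = Device(b"ID2", kgc.extract(b"ID2"), kgc.p_pub)
    # Constructed impostor: claims ID2 with a key issued by a different center.
    m = Device(b"ID2", rogue.extract(b"ID2"), kgc.p_pub)
    honest = a.session_key(b.message(), True) == b.session_key(a.message(), False)
    forged = a.session_key(m.message(), True) == m.session_key(a.message(), False)
    return honest, forged
```

Under these assumptions `demo()` returns `(True, False)`: two devices keyed by the same center agree, while a device claiming ID2 with a key from another center derives a different session key.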
The disclosed embodiment also provides a key negotiation device, including a memory, a transceiver, and a processor;
A memory for storing a computer program; a transceiver for transmitting and receiving data under the control of the processor; and a processor for reading the computer program in the memory and performing the following operations:
Sending first key agreement authentication information to the blockchain network, and obtaining second key agreement authentication information sent by the second terminal device from the blockchain network; wherein the first key agreement authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device, and the second key agreement authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device;
Generate a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
When the first session key and the second session key are the same, it is determined that the key negotiation between the first terminal device and the second terminal device is successful, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
Optionally, when executing the program, the processor further implements the following steps:
Generate at least one shared key, where the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
A first session key is generated according to the at least one shared key, the first identity, the second identity and the first hash function.
Optionally, when executing the program, the processor further implements the following steps:
Generate a first shared key according to the first private key, the second temporary private key, the second identity, the root public key, and the second hash function;
Generate a second shared key according to the first random number, the second temporary private key, the second identity, the root public key, and the second hash function;
Generate a third shared key according to the first private key and the second temporary public key;
Generate a fourth shared key according to the first random number and the second temporary public key;
Wherein, the root public key is generated by a key generation center.
The present disclosure also provides a key negotiation device, including:
A first transceiver unit is used to send first key negotiation authentication information to a blockchain network, and obtain second key negotiation authentication information sent by a second terminal device from the blockchain network; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device;
A first generating unit, configured to generate a first session key, where the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, where the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
A first determination unit is used to determine that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as the second session key, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
An embodiment of the present disclosure further provides a processor-readable storage medium, wherein the processor-readable storage medium stores a computer program, and the computer program is used to enable the processor to execute the steps of the key negotiation method as described above.
The above technical solution of the present disclosure has at least the following beneficial effects:
In the disclosed embodiment, the first terminal device and the second terminal device exchange corresponding key negotiation authentication information through the blockchain network, and then the two terminal devices generate corresponding session keys based on the key negotiation authentication information obtained from the blockchain network. If the session keys generated by the first terminal device and the second terminal device are consistent, it is determined that the key negotiation between the first terminal device and the second terminal device is successful. In the disclosed embodiment, the key negotiation authentication information is exchanged through the blockchain network, and there is no need to authenticate through a third-party authentication system, thereby effectively avoiding the risk of information leakage due to attacks on the third-party authentication system, and enhancing the security of bilateral authentication (that is, the key negotiation is successful only when the session keys generated by the two terminal devices are the same), thereby effectively improving the reliability of authentication.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a structural diagram of a network system to which the embodiments of the present disclosure can be applied;
FIG. 2 is a schematic flow chart of a key negotiation method according to an embodiment of the present disclosure;
FIG. 3 is a system architecture diagram of a key negotiation method according to an embodiment of the present disclosure;
FIG. 4 is a structural block diagram of a key negotiation device according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of the modules of a key negotiation device according to an embodiment of the present disclosure.
Detailed Description
The technical solution provided by the embodiments of the present disclosure can be applied to a variety of systems. For example, the applicable systems may be the Global System of Mobile communication (GSM) system, the Code Division Multiple Access (CDMA) system, the Wideband Code Division Multiple Access (WCDMA) system, the Time Division Synchronous Code Division Multiple Access (TD-SCDMA) system, the General Packet Radio Service (GPRS) system, the Long Term Evolution (LTE) system (including Time Division Duplex LTE (TDD-LTE) and Frequency Division Duplex LTE (FDD LTE)), the Long Term Evolution Advanced (LTE-A) system, the Universal Mobile Telecommunication System (UMTS), the Worldwide Interoperability For Microwave Access (WiMAX) system, the 5G New Radio (NR) system, etc. Each of these systems includes terminal devices and network devices. The system may also include a core network part, such as the Evolved Packet System (EPS), the 5G system (5GS/5GC), etc.
图1示出本公开实施例可应用的一种无线通信系统的框图。无线通信系统包括终端11和网络设备12。其中,终端11也可以称作终端设备或者用户设备(User Equipment,UE,也称终端),终端11可以是手机、平板电脑(Tablet Personal Computer)、膝上型电脑(Laptop Computer)或称为笔记本电脑、个人数字助理(Personal Digital Assistant,PDA)、掌上电脑、上网本、超级移动个人计算机(Ultra-Mobile Personal Computer,UMPC)、移动上网装置(Mobile Internet Device,MID)、可穿戴式设备(Wearable Device)或车载设备(Vehicle User Equipment,VUE)、行人终端(Pedestrian User Equipment,PUE)等终端侧设备,可穿戴式设备包括:手环、耳机、眼镜等。需要说明的是,在本公开实施例并不限定终端11的具体类型。网络设备12可以是基站或核心网,其中,基站可被称为节点B、演进节点B、接入点、基收发机站(Base Transceiver Station,BTS)、无线电基站、无线电收发机、基本服务集(Basic Service Set,BSS)、扩展服务集(Extended Service Set,ESS)、B节点、演进型B节点(eNB)、家用B节点、家用演进型B节点、无线局域网(Wireless Local Area Network,WLAN)接入点、WiFi节点、发送接收点(Transmitting Receiving Point,TRP)或所属领域中其他某个合适的术语,只要达到相同的技术效果,所述基站不限于特定技术词汇,需要说明的是,在本公开实施例中仅以NR系统中的基站为例,但是并不限定基站的具体类型。FIG1 shows a block diagram of a wireless communication system applicable to the embodiment of the present disclosure. The wireless communication system includes a terminal 11 and a network device 12. The terminal 11 may also be referred to as a terminal device or a user equipment (UE, also referred to as a terminal). The terminal 11 may be a mobile phone, a tablet computer (Tablet Personal Computer), a laptop computer (Laptop Computer) or a notebook computer, a personal digital assistant (Personal Digital Assistant, PDA), a handheld computer, a netbook, an ultra-mobile personal computer (Ultra-Mobile Personal Computer, UMPC), a mobile Internet device (Mobile Internet Device, MID), a wearable device (Wearable Device) or a vehicle-mounted device (VUE), a pedestrian terminal (Pedestrian User Equipment, PUE) and other terminal side devices. The wearable device includes: a bracelet, a headset, glasses, etc. It should be noted that the specific type of the terminal 11 is not limited in the embodiment of the present disclosure. 
The network device 12 can be a base station or a core network, wherein the base station can be referred to as a node B, an evolved node B, an access point, a base transceiver station (Base Transceiver Station, BTS), a radio base station, a radio transceiver, a basic service set (Basic Service Set, BSS), an extended service set (Extended Service Set, ESS), a B node, an evolved B node (eNB), a home B node, a home evolved B node, a wireless local area network (Wireless Local Area Network, WLAN) access point, a WiFi node, a transmitting and receiving point (Transmitting Receiving Point, TRP) or some other appropriate term in the field. As long as the same technical effect is achieved, the base station is not limited to specific technical vocabulary. It should be noted that in the embodiments of the present disclosure, only the base station in the NR system is taken as an example, but the specific type of the base station is not limited.
To enable those skilled in the art to better understand the embodiments of the present invention, the following description is given first.
A ubiquitous network is a network service and communication capability that can provide many categories of applications or services at any time, in any place, for any service and in any manner. The development of ubiquitous networks accompanies the development of various network technologies. Multiple complex network standards need to be integrated into one network, and how to reasonably allocate network resources to terminals when terminal users and operators belong to different networks is a problem that 6G networks need to face.
Blockchain technology is a chained data structure that combines data in the form of blocks, in chronological order, by means of a hash algorithm. Cryptography is applied in its consensus mechanism to form a distributed digital ledger that is extremely difficult to tamper with and cannot be forged, and that can store data and information with a sequential relationship. A blockchain is implemented by combining cryptography, distributed storage, consensus algorithms and peer-to-peer networking, which makes it decentralized, distributed, traceable, difficult to tamper with, and open and transparent.
The technical solutions in the embodiments of the present disclosure are described clearly and completely below with reference to the drawings in the embodiments of the present disclosure. Obviously, the described embodiments are only some of the embodiments of the present disclosure, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments in the present disclosure, without creative work, fall within the scope of protection of the present disclosure.
As shown in FIG. 2, an embodiment of the present disclosure provides a key negotiation method, including:
Step 201: The first terminal device sends first key negotiation authentication information to the blockchain network, and obtains from the blockchain network second key negotiation authentication information sent by the second terminal device; wherein the first key negotiation authentication information includes the first identity identifier, the first temporary public key and the first temporary private key of the first terminal device, and the second key negotiation authentication information includes the second identity identifier, the second temporary public key and the second temporary private key of the second terminal device.
The system architecture of the key negotiation method of the embodiment of the present disclosure, shown in FIG. 3, is divided into three layers: the terminal layer, the edge layer, and the central computing layer. The terminal layer consists of ubiquitous network terminal devices, such as UE and Internet of Things (IoT) terminal devices, which are characterized by limited computing and network capabilities. The edge layer includes edge nodes or edge servers, which have a certain amount of computing and network capability and are used to collect and process data from terminal devices and to transmit data to the central computing layer. The edge layer also acts as the blockchain nodes, maintaining the operation of the blockchain and the distributed storage of the electronic ledger. The central computing layer includes cloud servers, which contain the key generation center.
In the embodiment of the present disclosure, the system is first initialized, and the key generation center generates the system parameters, the root private key and the root public key. Specifically, the key generation center selects a security parameter $k \in \mathbb{Z}^+$ as the input parameter and generates $\{p, F_p, G, P, H_1, H_2\}$, where $p$ is a prime number of $k$ bits, $F_p$ is a finite field with $p$ elements, $G$ is an elliptic curve group of prime order $q$ over the finite field $F_p$, $P$ is a generator of $G$, $H_2$ is a hash function that maps bit strings of arbitrary length to the elliptic curve group $G$, and $H_1$ is a hash function of bit strings of arbitrary length. Then a random number $x$ is selected from $Z_n \in [1, \ldots, q-1]$ as the root private key, and $P_{pub}$ is obtained by calculating $P_{pub} = [x]P$. The key generation center determines $\{p, q, F_p, G, P, H_1, H_2, P_{pub}\}$ as the system parameters and stores the root key $x$ separately and securely.
After the system is initialized, the key generation center takes the identifier (ID) of the terminal device (or user device) as input, generates the user's private key pair, and returns it to the user. Specifically, a random number $r$ is selected from $Z_n$, and $R_{ID} = [r]P$ is calculated; $S_{ID} = r + H_2(ID \,\|\, R_{ID}) \cdot x \bmod q$ is calculated; the key generation center transmits the user's private key pair $(R_{ID}, S_{ID})$ to the user through a secure channel; the user can verify the authenticity of the private key pair by a comparison calculation. Assuming that the first identity identifier of the first terminal device is ID1 and the second identity identifier of the second terminal device is ID2, the private key pair obtained by the key generation center for the first terminal device is $(R_{ID1}, S_{ID1})$, and the private key pair for the second terminal device is $(R_{ID2}, S_{ID2})$.
Optionally, the first temporary public key may be obtained by the first terminal device selecting a random number $r_1$ (i.e., the first random number) from $Z_q$ and calculating $T_{ID1} = [r_1]P$, where $T_{ID1}$ represents the first temporary public key. The second temporary public key may be obtained by the second terminal device selecting a random number $r_2$ (i.e., the second random number) from $Z_q$ and calculating $T_{ID2} = [r_2]P$, where $T_{ID2}$ represents the second temporary public key.
Optionally, the first temporary private key may specifically be $R_{ID1}$. The second temporary private key may specifically be $R_{ID2}$.
That is, in the above step 201, the first terminal device sends $(ID1, R_{ID1}, T_{ID1})$ to the blockchain network, the second terminal device sends $(ID2, R_{ID2}, T_{ID2})$ to the blockchain network, the first terminal device obtains $(ID2, R_{ID2}, T_{ID2})$ from the blockchain network, and the second terminal device obtains $(ID1, R_{ID1}, T_{ID1})$ from the blockchain network. The first terminal device and the second terminal device then perform key negotiation based on the information obtained from the blockchain network.
Step 202: The first terminal device generates a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key and the first random number. The first private key is a private key generated by the key generation center and related to the first identity identifier, and the first random number is the random number used to generate the first temporary public key.
Optionally, the first private key may specifically be $S_{ID1}$ in the private key pair of the first terminal device.
Step 203: If the first session key is the same as the second session key, it is determined that the key negotiation between the first terminal device and the second terminal device is successful, where the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, the second private key and the second random number. The second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is the random number used to generate the second temporary public key.
Optionally, the second private key may specifically be $S_{ID2}$ in the private key pair of the second terminal device.
In the embodiment of the present disclosure, the first terminal device and the second terminal device exchange their key negotiation authentication information through the blockchain network, and each terminal device then generates its session key based on the key negotiation authentication information obtained from the blockchain network. If the session keys generated by the first terminal device and the second terminal device are the same, it is determined that the key negotiation between the first terminal device and the second terminal device is successful. Because the key negotiation authentication information is exchanged through the blockchain network, no authentication through a third-party authentication system is needed, which effectively avoids the risk of information leakage caused by an attack on the third-party authentication system. The security of bilateral authentication is also enhanced (the key negotiation is determined to be successful only when the session keys generated by the two terminal devices are the same), which effectively improves the reliability of authentication.
Optionally, the first terminal device generating the first session key includes:
the first terminal device generating at least one shared key, where the shared key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key and the first random number;
generating the first session key according to the at least one shared key, the first identity identifier, the second identity identifier and the first hash function.
Optionally, the first hash function may specifically be the above-mentioned $H_1$.
In the embodiment of the present disclosure, the first terminal device generates at least one shared key from the parameters in the first key negotiation authentication information and the parameters in the second key negotiation authentication information, and performs encryption processing through the first hash function to obtain the first session key. Generating the first session key requires no heavy computation, which reduces the computational cost, and requires no multi-round communication verification between the two devices (the communication channel between the devices is a public channel, which carries security risks and is exposed to side-channel attacks), so security can be effectively ensured.
Optionally, the first terminal device generating at least one shared key includes at least one of the following:
generating a first shared key according to the first private key, the second temporary private key, the second identity identifier, the root public key and the second hash function;
generating a second shared key according to the first random number, the second temporary private key, the second identity identifier, the root public key and the second hash function;
generating a third shared key according to the first private key and the second temporary public key;
generating a fourth shared key according to the first random number and the second temporary public key;
wherein the root public key is generated by the key generation center.
Optionally, the first shared key satisfies the following formula:
$$Z_{a1} = [S_{ID1}]\left(R_{ID2} + [H_2(ID2 \,\|\, R_{ID2})]P_{pub}\right);$$
where $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and ID2 represents the identity identifier of the second terminal device.
Optionally, the second shared key satisfies the following formula:
$$Z_{a2} = [r_1]\left(R_{ID2} + [H_2(ID2 \,\|\, R_{ID2})]P_{pub}\right);$$
where $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, ID2 represents the identity identifier of the second terminal device, and $P_{pub}$ represents the root public key.
Optionally, the third shared key satisfies the following formula:
$$Z_{a3} = [S_{ID1}]T_{ID2};$$
where $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
Optionally, the fourth shared key satisfies the following formula:
$$Z_{a4} = [r_1]T_{ID2};$$
where $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
As an optional implementation, the first session key satisfies the following formula:
$$K_1 = H_1(ID1, ID2, Z_{a1}, Z_{a2}, Z_{a3}, Z_{a4});$$
where $H_1$ represents the above-mentioned first hash function, and $K_1$ represents the first session key.
In the embodiment of the present disclosure, the second session key satisfies the following formula:
$$K_2 = H_1(ID1, ID2, Z_{b1}, Z_{b2}, Z_{b3}, Z_{b4});$$
where $H_1$ represents the above-mentioned first hash function, and $K_2$ represents the second session key. $Z_{b1}$ is the first shared key generated by the second terminal device, $Z_{b2}$ is the second shared key generated by the second terminal device, $Z_{b3}$ is the third shared key generated by the second terminal device, and $Z_{b4}$ is the fourth shared key generated by the second terminal device.
Optionally, $Z_{b1}$ satisfies the following formula:
$$Z_{b1} = [S_{ID2}]\left(R_{ID1} + [H_2(ID1 \,\|\, R_{ID1})]P_{pub}\right);$$
where $S_{ID2}$ represents the second private key, $R_{ID1}$ represents the first temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and ID1 represents the identity identifier of the first terminal device.
Optionally, $Z_{b2}$ satisfies the following formula:
$$Z_{b2} = [r_2]\left(R_{ID1} + [H_2(ID1 \,\|\, R_{ID1})]P_{pub}\right);$$
where $r_2$ represents the first random number, $R_{ID1}$ represents the first temporary private key, $H_2$ represents the second hash function, ID1 represents the identity identifier of the first terminal device, and $P_{pub}$ represents the root public key.
Optionally, $Z_{b3}$ satisfies the following formula:
$$Z_{b3} = [S_{ID2}]T_{ID1};$$
where $S_{ID2}$ represents the second private key, and $T_{ID1}$ represents the first temporary public key.
Optionally, $Z_{b4}$ satisfies the following formula:
$$Z_{b4} = [r_2]T_{ID1};$$
Optionally, $r_2$ represents the first random number, and $T_{ID1}$ represents the first temporary public key.
When $K_1$ and $K_2$ are the same, it is determined that the key negotiation between the first terminal device and the second terminal device is successful, and a session is established between the first terminal device and the second terminal device; otherwise, it is determined that the key negotiation between the first terminal device and the second terminal device is unsuccessful, and the establishment of a session between the first terminal device and the second terminal device is abandoned.
The present disclosure is described below with reference to an embodiment.
Assuming that the first terminal device is device 1 and the second terminal device is device 2, the key negotiation method of the present disclosure includes:
1) System parameter creation:
The key generation center generates the security parameters $\{p, F_p, G, P, H_1, H_2\}$ according to the identity-based algorithm;
The key generation center generates a root private key and obtains the root public key $P_{pub}$ by calculation;
The system security parameters output by the key generation center include $\{p, q, F_p, G, P, H_1, H_2, P_{pub}\}$.
The way the system security parameters, the root private key and the root public key are generated has been described in detail above and is not repeated here.
2) User private key extraction: The unique identifiers of device 1 and device 2 are denoted ID1 and ID2 respectively.
Device 1 sends the unique identifier ID1 to the key generation center through a secure private channel; device 2 sends the unique identifier ID2 to the key generation center through a secure private channel;
The key generation center uses the received unique identifier ID1 as input to generate the private key pair $(R_{ID1}, S_{ID1})$ of device 1 and returns it to device 1 through a secure private channel; the key generation center uses the received unique identifier ID2 as input to generate the private key pair $(R_{ID2}, S_{ID2})$ of device 2 and returns it to device 2 through a secure private channel;
Device 1 and device 2 receive the private key pair and verify its correctness. If it is confirmed to be correct, the device keeps the private key pair and generates the corresponding public key from the identifier; if the confirmation fails, the device discards the private key;
3) Authentication key negotiation:
Device 1 generates the first temporary private key $R_{ID1}$ and the first temporary public key $T_{ID1}$ and sends $(ID1, R_{ID1}, T_{ID1})$ to the blockchain network, and device 2 obtains the information related to device 1, $(ID1, R_{ID1}, T_{ID1})$, from the blockchain; device 2 generates the second temporary private key $R_{ID2}$ and the second temporary public key $T_{ID2}$ and sends $(ID2, R_{ID2}, T_{ID2})$ to the blockchain network, and device 1 obtains the information related to device 2, $(ID2, R_{ID2}, T_{ID2})$, from the blockchain network;
Device 1 generates shared keys, such as $Z_{a1}$, $Z_{a2}$, $Z_{a3}$ and $Z_{a4}$, according to the obtained information related to device 2, and obtains the above first session key $K_1$ based on the shared keys.
If $K_1$ and $K_2$ are the same, it is determined that the key negotiation between the first terminal device and the second terminal device is successful.
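The exchange walked through above, as an added example in Python (not code from the patent or the applicant). It assumes secp256k1 for the group G, SHA-256 for H1 and H2 with H2 used as a scalar modulo q, and constructed device identifiers and encodings. It also shows that, with the formulas as written, the cross terms pair up as Za2 = Zb3 and Za3 = Zb2, so device 2 has to feed them to H1 in swapped order for K1 and K2 to match.

```python
# Added example, not from the patent. Assumptions: secp256k1 stands in for the
# group G, SHA-256 for H1 and H2 (H2 used as a scalar mod q), and the byte
# encodings and device IDs are constructed for illustration.
import hashlib
import secrets

p = 2**256 - 2**32 - 977                      # field prime of secp256k1
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):
    """Affine addition on y^2 = x^3 + 7; None is the point at infinity."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1 % p, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, A):
    """[k]A by double-and-add (readable, not constant time)."""
    R, k = None, k % q
    while k:
        if k & 1:
            R = add(R, A)
        A = add(A, A)
        k >>= 1
    return R

def enc(A):
    """Fixed-length encoding of a curve point."""
    return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")

def H2(identity, R):
    """H2(ID || R_ID), reduced to a scalar mod q."""
    return int.from_bytes(hashlib.sha256(identity + enc(R)).digest(), "big") % q

def rand_scalar():
    return secrets.randbelow(q - 1) + 1       # uniform in [1, q-1]

def kgc_setup():
    """Root private key x and root public key P_pub = [x]P."""
    x = rand_scalar()
    return x, mul(x, P)

def kgc_extract(x, identity):
    """R_ID = [r]P, S_ID = r + H2(ID || R_ID) * x mod q."""
    r = rand_scalar()
    R = mul(r, P)
    return R, (r + H2(identity, R) * x) % q

def verify_private_key(identity, R, S, Ppub):
    """Device-side check: [S_ID]P == R_ID + [H2(ID || R_ID)]P_pub."""
    return mul(S, P) == add(R, mul(H2(identity, R), Ppub))

def shared_keys(S_own, r_own, id_peer, R_peer, T_peer, Ppub):
    """Z1..Z4 exactly as in the formulas, seen from one device."""
    base = add(R_peer, mul(H2(id_peer, R_peer), Ppub))   # equals [S_peer]P
    return [mul(S_own, base), mul(r_own, base),
            mul(S_own, T_peer), mul(r_own, T_peer)]

def session_key(id1, id2, Z):
    """K = H1(ID1, ID2, Z1, Z2, Z3, Z4) with length-prefixed fields."""
    h = hashlib.sha256()
    for part in [id1, id2] + [enc(z) for z in Z]:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.hexdigest()

def run_exchange():
    x, Ppub = kgc_setup()
    id1, id2 = b"device-1", b"device-2"       # constructed identifiers
    R1, S1 = kgc_extract(x, id1)
    R2, S2 = kgc_extract(x, id2)
    if not (verify_private_key(id1, R1, S1, Ppub)
            and verify_private_key(id2, R2, S2, Ppub)):
        raise ValueError("KGC key pair failed verification")
    r1, r2 = rand_scalar(), rand_scalar()     # first / second random number
    T1, T2 = mul(r1, P), mul(r2, P)           # temporary public keys
    # (ID, R_ID, T_ID) is what each device publishes on the chain.
    Za = shared_keys(S1, r1, id2, R2, T2, Ppub)
    Zb = shared_keys(S2, r2, id1, R1, T1, Ppub)
    return {
        "Za": Za, "Zb": Zb,
        "K1": session_key(id1, id2, Za),
        "K2_literal": session_key(id1, id2, Zb),
        # Device 2 swaps its cross terms so the hash inputs line up.
        "K2_aligned": session_key(id1, id2, [Zb[0], Zb[2], Zb[1], Zb[3]]),
    }

if __name__ == "__main__":
    out = run_exchange()
    print(out["K1"] == out["K2_literal"], out["K1"] == out["K2_aligned"])
```

The arithmetic here is written for readability and is not constant time, so it is suited to checking the algebra rather than to deployment.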
The key negotiation scheme of the embodiment of the present disclosure is lightweight and prevents information leakage, and can be applied in ubiquitous network architectures. In a ubiquitous network architecture the number of terminal devices is large and their computing power and battery capacity are limited; managing them through distributed edge servers acting as edge nodes makes it possible to effectively process and store the requests and data services of the terminal devices and users within the coverage area. As a decentralized distributed electronic ledger, the blockchain, when introduced into the ubiquitous network, enables a trusted network architecture and effectively avoids single points of failure, thereby improving the reliability and security of the network. It can provide authentication and authorization for all devices in the network, which solves the problem of difficult authentication management caused by the large number of terminal devices in a ubiquitous network. In addition, with the help of the blockchain network, the key negotiation authentication scheme of the embodiment of the present disclosure achieves certificateless authentication with small overhead, low cost and high security, and has better scalability and portability.
As shown in FIG. 4, an embodiment of the present disclosure further provides a key negotiation device, including a memory 420, a transceiver 400 and a processor 410;
The memory 420 is configured to store a computer program; the transceiver 400 is configured to send and receive data under the control of the processor 410; the processor 410 is configured to read the computer program in the memory and perform the following operations:
sending first key negotiation authentication information to the blockchain network, and obtaining from the blockchain network second key negotiation authentication information sent by the second terminal device; wherein the first key negotiation authentication information includes the first identity identifier, the first temporary public key and the first temporary private key of the first terminal device, and the second key negotiation authentication information includes the second identity identifier, the second temporary public key and the second temporary private key of the second terminal device;
generating a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key and the first random number, the first private key is a private key generated by the key generation center and related to the first identity identifier, and the first random number is the random number used to generate the first temporary public key;
when the first session key is the same as the second session key, determining that the key negotiation between the first terminal device and the second terminal device is successful, where the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, the second private key and the second random number, the second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is the random number used to generate the second temporary public key.
In FIG. 4, the bus architecture may include any number of interconnected buses and bridges, which link together various circuits of one or more processors represented by the processor 410 and of the memory represented by the memory 420. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators and power management circuits, all of which are well known in the art and are therefore not described further herein. The bus interface provides an interface. The transceiver 400 may be a plurality of components, that is, it may include a transmitter and a receiver, providing a unit for communicating with various other devices over transmission media, where the transmission media include wireless channels, wired channels, optical cables and other transmission media. For different user equipment, the user interface 430 may also be an interface capable of connecting required devices externally or internally; the connected devices include but are not limited to a keypad, a display, a speaker, a microphone, a joystick, etc.
The processor 410 is responsible for managing the bus architecture and general processing, and the memory 420 may store data used by the processor 410 when performing operations.
Optionally, the processor 410 may be a central processing unit (CPU), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or a complex programmable logic device (CPLD), and the processor may also adopt a multi-core architecture.
By calling the computer program stored in the memory, the processor executes any of the methods provided by the embodiments of the present disclosure according to the obtained executable instructions. The processor and the memory may also be physically arranged separately.
Optionally, when executing the program, the processor 410 further implements the following steps:
generating at least one shared key, where the shared key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key and the first random number;
generating the first session key according to the at least one shared key, the first identity identifier, the second identity identifier and the first hash function.
Optionally, when executing the program, the processor 410 further implements at least one of the following steps:
generating a first shared key according to the first private key, the second temporary private key, the second identity identifier, the root public key and the second hash function;
generating a second shared key according to the first random number, the second temporary private key, the second identity identifier, the root public key and the second hash function;
generating a third shared key according to the first private key and the second temporary public key;
generating a fourth shared key according to the first random number and the second temporary public key;
wherein the root public key is generated by the key generation center.
Optionally, the first shared key satisfies the following formula:
$Z_{a1} = [S_{ID1}](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
where $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity identifier of the second terminal device.
Optionally, the second shared key satisfies the following formula:
$Z_{a2} = [r_1](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
where $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity identifier of the second terminal device, and $P_{pub}$ represents the root public key.
Optionally, the third shared key satisfies the following formula:
$Z_{a3} = [S_{ID1}]T_{ID2}$;
where $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
Optionally, the fourth shared key satisfies the following formula:
$Z_{a4} = [r_1]T_{ID2}$;
where $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
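The four shared-key formulas above, computed by both devices so that the resulting session keys can be compared; this is an added example, not code from the patent. It assumes secp256k1 as the curve, SHA-256 for both hash functions, a key generation center that issues S_ID = r + H2(ID || R_ID)·s with R_ID = [r]G (so R_ID is handled as a curve point, as the formula requires), T_ID = [r]G, and a session-key input order chosen here; none of these choices is stated in this section, and all function names are hypothetical.

```python
import hashlib
import secrets

# Assumed stand-in curve: secp256k1 (y^2 = x^3 + 7 over F_P, prime order N).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(pt):
    """True if pt is an affine point with in-range coordinates on the curve."""
    return (pt is not None and all(0 <= c < P for c in pt)
            and (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0)


def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def mul(k, pt):
    """[k]pt by double-and-add (not constant time; illustration only)."""
    acc = None
    k %= N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def enc(pt):
    """Fixed-length encoding of a point for hashing."""
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def h2(identity, r_pt):
    """H2(ID || R_ID) mapped to a scalar; SHA-256 is an assumed choice."""
    digest = hashlib.sha256(identity + enc(r_pt)).digest()
    return int.from_bytes(digest, "big") % N


def rand_scalar():
    return secrets.randbelow(N - 1) + 1


def kgc_issue(s, identity):
    """Assumed issuance: R_ID = [r]G, S_ID = r + H2(ID || R_ID) * s mod N."""
    r = rand_scalar()
    r_pt = mul(r, G)
    return (r + h2(identity, r_pt) * s) % N, r_pt


def shared_keys(s_own, r_own, id_peer, r_peer, t_peer, p_pub):
    """Za1..Za4 from the page's formulas, written from one device's view."""
    # Reject values fetched from the ledger that are not valid curve points.
    if not (on_curve(r_peer) and on_curve(t_peer)):
        raise ValueError("peer value is not a point on the curve")
    # R_ID2 + [H2(ID2 || R_ID2)]P_pub
    peer_pk = add(r_peer, mul(h2(id_peer, r_peer), p_pub))
    return (mul(s_own, peer_pk),   # Za1 = [S_ID1](...)
            mul(r_own, peer_pk),   # Za2 = [r1](...)
            mul(s_own, t_peer),    # Za3 = [S_ID1]T_ID2
            mul(r_own, t_peer))    # Za4 = [r1]T_ID2


def session_key(id1, id2, zs):
    """H1 over the shared keys and both identities (input order assumed)."""
    return hashlib.sha256(b"".join(enc(z) for z in zs) + id1 + id2).hexdigest()


def negotiate(id1=b"device-1", id2=b"device-2"):
    """Run both devices; the identities are constructed sample values."""
    s = rand_scalar()                       # KGC master secret
    p_pub = mul(s, G)                       # root public key
    s1, r_id1 = kgc_issue(s, id1)
    s2, r_id2 = kgc_issue(s, id2)
    r1, r2 = rand_scalar(), rand_scalar()   # first / second random number
    t1, t2 = mul(r1, G), mul(r2, G)         # temporary public keys
    za = shared_keys(s1, r1, id2, r_id2, t2, p_pub)
    zb = shared_keys(s2, r2, id1, r_id1, t1, p_pub)
    # The peer's second and third values mirror Za3 and Za2 respectively.
    zb_aligned = (zb[0], zb[2], zb[1], zb[3])
    return session_key(id1, id2, za), session_key(id1, id2, zb_aligned)


if __name__ == "__main__":
    k1, k2 = negotiate()
    print("negotiation succeeded:", k1 == k2)
```

A deployed implementation would use a vetted constant-time curve library; the arithmetic here exists only so the example runs offline.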
It should be noted here that the above apparatus provided in the embodiments of the present disclosure can implement all the method steps implemented in the above key negotiation method embodiment and can achieve the same technical effect. The parts and beneficial effects of this embodiment that are the same as those of the method embodiment are not described again here.
As shown in FIG. 5, an embodiment of the present disclosure further provides a key negotiation apparatus, including:
a first transceiver unit 501, configured to send first key negotiation authentication information to the blockchain network, and to obtain from the blockchain network second key negotiation authentication information sent by the second terminal device; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device;
a first generating unit 502, configured to generate a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, a first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity identifier, and the first random number is a random number used to generate the first temporary public key;
a first determining unit 503, configured to determine that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as a second session key, wherein the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, a second private key, and a second random number, the second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is a random number used to generate the second temporary public key.
Optionally, the first generating unit 502 includes:
a first generating subunit, configured to generate at least one shared key, where the shared key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key, and the first random number;
a second generating subunit, configured to generate a first session key according to the at least one shared key, the first identity identifier, the second identity identifier, and the first hash function.
Optionally, the first generating subunit is configured to perform at least one of the following:
generating a first shared key according to the first private key, the second temporary private key, the second identity identifier, the root public key, and the second hash function;
generating a second shared key according to the first random number, the second temporary private key, the second identity identifier, the root public key, and the second hash function;
generating a third shared key according to the first private key and the second temporary public key;
generating a fourth shared key according to the first random number and the second temporary public key;
wherein the root public key is generated by a key generation center.
Optionally, the first shared key satisfies the following formula:
$Z_{a1} = [S_{ID1}](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
where $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity identifier of the second terminal device.
Optionally, the second shared key satisfies the following formula:
$Z_{a2} = [r_1](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
where $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity identifier of the second terminal device, and $P_{pub}$ represents the root public key.
Optionally, the third shared key satisfies the following formula:
$Z_{a3} = [S_{ID1}]T_{ID2}$;
where $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
Optionally, the fourth shared key satisfies the following formula:
$Z_{a4} = [r_1]T_{ID2}$;
where $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
It should be noted here that the above apparatus provided in the embodiments of the present disclosure can implement all the method steps implemented in the above key negotiation method embodiment and can achieve the same technical effect. The parts and beneficial effects of this embodiment that are the same as those of the method embodiment are not described again here.
It should be noted that the division of units in the embodiments of the present disclosure is schematic and is only a division by logical function; other divisions are possible in an actual implementation. In addition, the functional units in the embodiments of the present disclosure may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a processor-readable storage medium. Based on this understanding, the technical solution of the present disclosure, in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) or a processor to perform all or part of the steps of the methods described in the embodiments of the present disclosure. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disc.
In some embodiments of the present disclosure, a processor-readable storage medium is further provided. The processor-readable storage medium stores program instructions, and the program instructions are used to cause the processor to implement the following steps:
sending first key negotiation authentication information to the blockchain network, and obtaining from the blockchain network second key negotiation authentication information sent by the second terminal device; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device;
generating a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, a first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity identifier, and the first random number is a random number used to generate the first temporary public key;
determining that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as a second session key, wherein the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, a second private key, and a second random number, the second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is a random number used to generate the second temporary public key.
The terminal device involved in the embodiments of the present disclosure may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or another processing device connected to a wireless modem. The name of the terminal device may differ between systems; for example, in a 5G system the terminal device may be called user equipment (UE). A wireless terminal device may communicate with one or more core networks (CN) via a radio access network (RAN). The wireless terminal device may be a mobile terminal device, such as a mobile phone (also called a "cellular" phone) or a computer with a mobile terminal device, for example a portable, pocket-sized, handheld, computer-built-in or vehicle-mounted mobile apparatus, which exchanges language and/or data with the radio access network. Examples include personal communication service (PCS) phones, cordless phones, Session Initiated Protocol (SIP) phones, wireless local loop (WLL) stations, and personal digital assistants (PDA). The wireless terminal device may also be called a system, a subscriber unit, a subscriber station, a mobile station, a mobile, a remote station, an access point, a remote terminal, an access terminal, a user terminal, a user agent, or a user device, which is not limited in the embodiments of the present disclosure.
The network device involved in the embodiments of the present disclosure may be a base station, and the base station may include multiple cells that provide services for terminals. Depending on the specific application scenario, the base station may also be called an access point, may be a device in the access network that communicates with wireless terminal devices over the air interface through one or more sectors, or may have another name. The network device may be used to interchange received air frames and Internet Protocol (IP) packets, acting as a router between the wireless terminal device and the rest of the access network, where the rest of the access network may include an Internet Protocol (IP) communication network. The network device may also coordinate attribute management of the air interface. For example, the network device involved in the embodiments of the present disclosure may be a network device (Base Transceiver Station, BTS) in the Global System for Mobile communications (GSM) or Code Division Multiple Access (CDMA), a network device (NodeB) in Wide-band Code Division Multiple Access (WCDMA), an evolved network device (evolutional Node B, eNB or e-NodeB) in a Long Term Evolution (LTE) system, a 5G base station (gNB) in the 5G network architecture (next generation system), a home evolved base station (Home evolved Node B, HeNB), a relay node, a home base station (femto), a pico base station (pico), or the like, which is not limited in the embodiments of the present disclosure. In some network structures, the network device may include a centralized unit (CU) node and a distributed unit (DU) node, and the centralized unit and the distributed unit may also be arranged geographically separately.
The network device and the terminal device may each use one or more antennas for multiple input multiple output (MIMO) transmission, and the MIMO transmission may be single-user MIMO (SU-MIMO) or multi-user MIMO (MU-MIMO). Depending on the form and number of antenna combinations, the MIMO transmission may be two-dimensional MIMO (2D-MIMO), three-dimensional MIMO (3D-MIMO), full-dimension MIMO (FD-MIMO) or massive MIMO, and may also be diversity transmission, precoded transmission, beamforming transmission, or the like.
Those skilled in the art will appreciate that the embodiments of the present disclosure may be provided as a method, a system, or a computer program product. Therefore, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present disclosure may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage and optical storage) containing computer-usable program code.
The present disclosure is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to the embodiments of the present disclosure. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer-executable instructions. These computer-executable instructions may be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor, or another programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These processor-executable instructions may also be stored in a processor-readable memory that can direct a computer or other programmable data processing device to operate in a specific manner, so that the instructions stored in the processor-readable memory produce an article of manufacture including an instruction apparatus that implements the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These processor-executable instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Obviously, those skilled in the art can make various changes and modifications to the present disclosure without departing from its spirit and scope. Thus, if these modifications and variations of the present disclosure fall within the scope of the claims of the present disclosure and their equivalents, the present disclosure is also intended to include them.

Claims (22)

  1. A key negotiation method, comprising:
    sending, by a first terminal device, first key negotiation authentication information to a blockchain network, and obtaining from the blockchain network second key negotiation authentication information sent by a second terminal device; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device;
    generating, by the first terminal device, a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, a first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity identifier, and the first random number is a random number used to generate the first temporary public key;
    determining that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as a second session key, wherein the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, a second private key, and a second random number, the second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is a random number used to generate the second temporary public key.
  2. The method according to claim 1, wherein the generating, by the first terminal device, of the first session key comprises:
    generating, by the first terminal device, at least one shared key, where the shared key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key, and the first random number;
    generating the first session key according to the at least one shared key, the first identity identifier, the second identity identifier, and a first hash function.
  3. The method according to claim 2, wherein the generating, by the first terminal device, of the at least one shared key comprises at least one of the following:
    generating a first shared key according to the first private key, the second temporary private key, the second identity identifier, a root public key, and a second hash function;
    generating a second shared key according to the first random number, the second temporary private key, the second identity identifier, the root public key, and the second hash function;
    generating a third shared key according to the first private key and the second temporary public key;
    generating a fourth shared key according to the first random number and the second temporary public key;
    wherein the root public key is generated by the key generation center.
  4. The method according to claim 3, wherein the first shared key satisfies the following formula:
    $Z_{a1} = [S_{ID1}](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    where $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity identifier of the second terminal device.
  5. The method according to claim 3, wherein the second shared key satisfies the following formula:
    $Z_{a2} = [r_1](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    where $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity identifier of the second terminal device, and $P_{pub}$ represents the root public key.
  6. The method according to claim 3, wherein the third shared key satisfies the following formula:
    $Z_{a3} = [S_{ID1}]T_{ID2}$;
    where $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
  7. The method according to claim 3, wherein the fourth shared key satisfies the following formula:
    $Z_{a4} = [r_1]T_{ID2}$;
    where $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
  8. A key negotiation apparatus, comprising a memory, a transceiver, and a processor;
    the memory being configured to store a computer program; the transceiver being configured to send and receive data under the control of the processor; and the processor being configured to read the computer program in the memory and perform the following operations:
    sending first key negotiation authentication information to a blockchain network, and obtaining from the blockchain network second key negotiation authentication information sent by a second terminal device; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key and a first temporary private key of a first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key and a second temporary private key of the second terminal device;
    generating a first session key, where the first session key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, a first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity identifier, and the first random number is a random number used to generate the first temporary public key;
    determining that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as a second session key, wherein the second session key is related to at least two of the first identity identifier, the first temporary public key, the first temporary private key, a second private key, and a second random number, the second private key is a private key generated by the key generation center and related to the second identity identifier, and the second random number is a random number used to generate the second temporary public key.
  9. The apparatus according to claim 8, wherein when executing the program, the processor further implements the following steps:
    generating at least one shared key, where the shared key is related to at least two of the second identity identifier, the second temporary public key, the second temporary private key, the first private key, and the first random number;
    generating the first session key according to the at least one shared key, the first identity identifier, the second identity identifier, and a first hash function.
  10. The apparatus according to claim 9, wherein when executing the program, the processor further implements at least one of the following steps:
    generating a first shared key according to the first private key, the second temporary private key, the second identity identifier, a root public key, and a second hash function;
    generating a second shared key according to the first random number, the second temporary private key, the second identity identifier, the root public key, and the second hash function;
    generating a third shared key according to the first private key and the second temporary public key;
    generating a fourth shared key according to the first random number and the second temporary public key;
    wherein the root public key is generated by the key generation center.
  11. The apparatus according to claim 10, wherein the first shared key satisfies the following formula:
    $Z_{a1} = [S_{ID1}](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    wherein $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity of the second terminal device.
  12. The apparatus according to claim 10, wherein the second shared key satisfies the following formula:
    $Z_{a2} = [r_1](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    wherein $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity of the second terminal device, and $P_{pub}$ represents the root public key.
  13. The apparatus according to claim 10, wherein the third shared key satisfies the following formula:
    $Z_{a3} = [S_{ID1}]T_{ID2}$;
    wherein $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
  14. The apparatus according to claim 10, wherein the fourth shared key satisfies the following formula:
    $Z_{a4} = [r_1]T_{ID2}$;
    wherein $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
  15. A key negotiation apparatus, comprising:
    a first transceiver unit, configured to send first key negotiation authentication information to a blockchain network, and obtain, from the blockchain network, second key negotiation authentication information sent by a second terminal device; wherein the first key negotiation authentication information includes a first identity identifier, a first temporary public key, and a first temporary private key of the first terminal device, and the second key negotiation authentication information includes a second identity identifier, a second temporary public key, and a second temporary private key of the second terminal device;
    a first generating unit, configured to generate a first session key, wherein the first session key is related to at least two of the second identity, the second temporary public key, the second temporary private key, a first private key, and a first random number, the first private key is a private key generated by a key generation center and related to the first identity, and the first random number is a random number used to generate the first temporary public key;
    a first determination unit, configured to determine that the key negotiation between the first terminal device and the second terminal device is successful when the first session key is the same as the second session key, wherein the second session key is related to at least two of the first identity, the first temporary public key, the first temporary private key, the second private key, and the second random number, the second private key is a private key generated by a key generation center and related to the second identity, and the second random number is a random number used to generate the second temporary public key.
  16. The apparatus according to claim 15, wherein the first generating unit comprises:
    a first generating subunit, configured to generate at least one shared key, wherein the shared key is related to at least two of the second identity, the second temporary public key, the second temporary private key, the first private key, and the first random number;
    a second generating subunit, configured to generate a first session key according to the at least one shared key, the first identity identifier, the second identity identifier and the first hash function.
  17. The apparatus according to claim 16, wherein the first generating subunit is configured to perform at least one of the following:
    generating a first shared key according to the first private key, the second temporary private key, the second identity, the root public key, and the second hash function;
    generating a second shared key according to the first random number, the second temporary private key, the second identity, the root public key, and the second hash function;
    generating a third shared key according to the first private key and the second temporary public key;
    generating a fourth shared key according to the first random number and the second temporary public key;
    wherein the root public key is generated by a key generation center.
  18. The apparatus according to claim 17, wherein the first shared key satisfies the following formula:
    $Z_{a1} = [S_{ID1}](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    wherein $Z_{a1}$ represents the first shared key, $S_{ID1}$ represents the first private key, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $P_{pub}$ represents the root public key, and $ID2$ represents the identity of the second terminal device.
  19. The apparatus according to claim 17, wherein the second shared key satisfies the following formula:
    $Z_{a2} = [r_1](R_{ID2} + [H_2(ID2 \| R_{ID2})]P_{pub})$;
    wherein $Z_{a2}$ represents the second shared key, $r_1$ represents the first random number, $R_{ID2}$ represents the second temporary private key, $H_2$ represents the second hash function, $ID2$ represents the identity of the second terminal device, and $P_{pub}$ represents the root public key.
  20. The apparatus according to claim 17, wherein the third shared key satisfies the following formula:
    $Z_{a3} = [S_{ID1}]T_{ID2}$;
    wherein $Z_{a3}$ represents the third shared key, $S_{ID1}$ represents the first private key, and $T_{ID2}$ represents the second temporary public key.
  21. The apparatus according to claim 17, wherein the fourth shared key satisfies the following formula:
    $Z_{a4} = [r_1]T_{ID2}$;
    wherein $Z_{a4}$ represents the fourth shared key, $r_1$ represents the first random number, and $T_{ID2}$ represents the second temporary public key.
  22. A processor-readable storage medium, wherein the processor-readable storage medium stores a computer program, and the computer program is used to enable the processor to execute the steps of the key negotiation method according to any one of claims 1 to 7.
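
The four shared-key formulas of claims 11 to 14 and 18 to 21, run by both devices to show why the two session keys compared in claim 15 come out equal; this is an added Python example, not code from the patent. Assumptions not stated in these claims: the secp256k1 curve, SHA-256 for both hash functions, the byte encodings, all function names, and a Schnorr-style issuance by the key generation center, $S_{ID} = k + s \cdot H_2(ID \| R_{ID}) \bmod n$ with $R_{ID} = [k]G$.

```python
import hashlib, secrets

# Assumed curve: secp256k1 (y^2 = x^3 + 7); the claims do not name one.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] ** 2, 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add [k]pt; illustrative, not constant time
    acc = None
    while k:
        acc = add(acc, pt) if k & 1 else acc
        pt, k = add(pt, pt), k >> 1
    return acc

def h2(ident, R):  # H2(ID || R_ID) as a scalar; SHA-256 is an assumed choice
    data = ident + R[0].to_bytes(32, "big") + R[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def kgc_issue(s, ident):  # assumed issuance: R_ID = [k]G, S_ID = k + s*H2(ID||R_ID) mod n
    k = secrets.randbelow(N - 1) + 1
    R = mul(k, G)
    return R, (k + s * h2(ident, R)) % N

def shared_keys(S_own, r_own, id_peer, R_peer, T_peer, P_pub):  # Z1..Z4 of the claims
    Q = add(R_peer, mul(h2(id_peer, R_peer), P_pub))  # equals [S_peer]G under the assumption
    return [mul(S_own, Q), mul(r_own, Q), mul(S_own, T_peer), mul(r_own, T_peer)]

def session_key(z, id_a, id_b):  # H1 over both identities and Z1..Z4 (assumed encoding)
    coords = b"".join(c.to_bytes(32, "big") for pt in z for c in pt)
    return hashlib.sha256(id_a + id_b + coords).hexdigest()

def negotiate():  # both devices run the claimed computation on freshly issued keys
    s = secrets.randbelow(N - 1) + 1
    P_pub = mul(s, G)  # root public key of the key generation center
    (R1, S1), (R2, S2) = kgc_issue(s, b"ID1"), kgc_issue(s, b"ID2")
    r1, r2 = (secrets.randbelow(N - 1) + 1 for _ in range(2))
    za = shared_keys(S1, r1, b"ID2", R2, mul(r2, G), P_pub)
    z1, z3, z2, z4 = shared_keys(S2, r2, b"ID1", R1, mul(r1, G), P_pub)  # Z2/Z3 mirrored
    return session_key(za, b"ID1", b"ID2"), session_key([z1, z2, z3, z4], b"ID1", b"ID2")
```

Under the assumed issuance, the second device's second and third values correspond to the first device's third and second, so both sides must feed the hash in one agreed order.
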
PCT/CN2023/127472 2022-11-30 2023-10-30 Key negotiation method and apparatus WO2024114205A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211523295.1A CN118118163A (en) 2022-11-30 2022-11-30 Key negotiation method and device
CN202211523295.1 2022-11-30

Publications (1)

Publication Number Publication Date
WO2024114205A1 (en) 2024-06-06

Family

ID=91214411

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/127472 WO2024114205A1 (en) 2022-11-30 2023-10-30 Key negotiation method and apparatus

Country Status (2)

Country Link
CN (1) CN118118163A (en)
WO (1) WO2024114205A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107040367A (en) * 2016-02-04 2017-08-11 华为技术有限公司 The methods, devices and systems of session key agreement
CN107437993A (en) * 2016-05-26 2017-12-05 中兴通讯股份有限公司 One kind is based on without the side's authentication key agreement method of certificate two and device
CN111314076A (en) * 2020-03-31 2020-06-19 四川九强通信科技有限公司 Certificateless key agreement method supporting bidirectional authentication
CN114362925A (en) * 2020-09-29 2022-04-15 中国移动通信有限公司研究院 Key negotiation method, device and terminal

Also Published As

Publication number Publication date
CN118118163A (en) 2024-05-31

Similar Documents

Publication Publication Date Title
EP3338473B1 (en) Method and apparatus for authentication of wireless devices
EP2127315B1 (en) Bootstrapping kerberos from eap (bke)
JP5597676B2 (en) Key material exchange
US11134379B2 (en) Identity authentication method, device, and system
WO2014047135A2 (en) Generalized cryptographic framework
WO2015096138A1 (en) Offload method, user equipment, base station and access point
KR101452124B1 (en) Method for Device Authentication and Session Key Generation Based on Encryption in Internet of Things
Liu et al. A secure and efficient authentication protocol for satellite-terrestrial networks
WO2023283789A1 (en) Secure communication method and apparatus, terminal device, and network device
WO2007034299A1 (en) Re-keying in a generic bootstrapping architecture following handover of a mobile terminal
CN113872755A (en) Key exchange method and device
KR101486155B1 (en) Method for Device Authentication and Session Key Generation Based on Hash in Internet of Things
US20220116774A1 (en) Methods and systems for authentication and establishment of secure connection for edge computing services
WO2018170703A1 (en) Connection establishment method and device
US20190149326A1 (en) Key obtaining method and apparatus
WO2022134089A1 (en) Method and apparatus for generating security context, and computer-readable storage medium
US20210112408A1 (en) Reducing authentication steps during wi-fi and 5g handover
WO2024114205A1 (en) Key negotiation method and apparatus
WO2022237561A1 (en) Communication method and apparatus
CN114258703B (en) Communication method and communication device under multiple connections
CN109905345B (en) Communication method, communication device and communication equipment
Han Chaining the secret: Lightweight authentication for security in pervasive computing
WO2023093668A1 (en) Device authentication method and apparatus
WO2023131044A1 (en) Authentication and security method and device, and storage medium
WO2024131561A1 (en) Communication authentication method and apparatus