[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN117176329A - Session key generation method and device, processor and electronic equipment - Google Patents

Session key generation method and device, processor and electronic equipment Download PDF

Info

Publication number
CN117176329A
CN117176329A CN202311162063.2A CN202311162063A CN117176329A CN 117176329 A CN117176329 A CN 117176329A CN 202311162063 A CN202311162063 A CN 202311162063A CN 117176329 A CN117176329 A CN 117176329A
Authority
CN
China
Prior art keywords
key
sender
request message
value
session
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311162063.2A
Other languages
Chinese (zh)
Inventor
郎屹林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202311162063.2A priority Critical patent/CN117176329A/en
Publication of CN117176329A publication Critical patent/CN117176329A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for generating a session key, a processor and electronic equipment. To the field of cryptography, the method comprises: acquiring a key generation request message; carrying out hash processing on the key generation request message, the sender public key and the first promise value in a first hash operation mode to obtain a first abstract; determining a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value; and sending the key generation request message and the signature to the receiver so that the receiver determines whether the first abstract is equal to the second abstract according to the key generation request message, receives a verification result sent by the receiver, and generates a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract is equal to the second abstract. The invention solves the technical problem that the session key is easy to be broken when the session key is generated in the related technology.

Description

Session key generation method and device, processor and electronic equipment
Technical Field
The present invention relates to the field of cryptography, and in particular, to a method and apparatus for generating a session key, a processor, and an electronic device.
Background
Currently, in a certificateless authentication key agreement protocol, a sender public key is easily replaced in a signature verification process, and security problems may occur. That is, with the related method provided in the related art, the session key is easily broken when the session key is generated.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the invention provides a method, a device, a processor and electronic equipment for generating a session key, which are used for at least solving the technical problem that the session key is easy to be broken when the session key is generated in the related technology.
According to an aspect of an embodiment of the present invention, there is provided a method for generating a session key, including: acquiring a key generation request message; carrying out hash processing on the key generation request message, the sender public key and a first promise value through a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and intermediate variables, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variables are obtained according to a key system public key, a key system abstract and the parameters; determining a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value; the key generation request message and the signature are sent to a receiver, so that the receiver determines whether the first digest and the second digest are equal according to the key generation request message, wherein the second digest is obtained by carrying out hash processing on the key generation request message by the receiver in the first hash operation mode, the sender public key and a second commitment value, and the second commitment value is obtained by carrying out linear operation processing on the intermediate item by the receiver in the preset linear operation mode and the sender public key; and receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value when the verification result is that the first abstract and the second abstract are equal.
Optionally, the hash processing is performed on the key generation request message, the sender public key, and the first promise value by using a first hash operation mode, so as to obtain a first digest, and before the first digest is obtained, the method further includes: transmitting the sender identity and the sender public key to a key system; and receiving the partial private key and the key system digest sent by the key system, wherein the partial private key is obtained by the key system according to the parameters, the key system digest and the key system private key, and the key system digest is obtained by performing hash processing on the sender identity and the sender public key by the key system in a second hash operation mode.
Optionally, the hash processing is performed on the key generation request message, the sender public key, and the first promise value by using a first hash operation mode, so as to obtain a first digest, and before the first digest is obtained, the method further includes: the first hash operation mode, the key system public key and the parameter are obtained from a key system, wherein the key system public key is obtained by the key system according to the key system private key and the parameter.
Optionally, the determining the signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value includes: determining an intermediate item according to the random value, the sender private key and the intermediate variable; and determining the signature according to the first digest, the intermediate item, the key generation request message and the first promise value.
Optionally, when the verification result is that the first digest and the second digest are equal, generating a session key of the session between the sender and the receiver according to the random value and the first promise value, further includes: encrypting a predetermined session by using the session key to obtain an encrypted session; the encrypted session is sent to the recipient.
According to an aspect of an embodiment of the present invention, there is provided a method for generating a session key, including: receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first digest, the key generation request message and a first promise value, the first digest is obtained by the sender through a first hash operation mode on the key generation request message, a sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of private keys, the intermediate variable is obtained by the sender according to a key system public key, a key system digest and parameters, and the first promise value is obtained by the sender according to the random value and the parameters; carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode; verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result; and sending the verification result to the sender, so that the sender generates a session key for the sender and the receiver to perform a session according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are verified to be equal.
Optionally, before the receiving the key generation request message and the signature sent by the sender, the method further includes: and acquiring the first hash operation mode, the preset linear operation mode and the parameters from a key system.
Optionally, the hash processing is performed on the key generation request message, the sender public key, and the second promise value by using a first hash operation mode, and before obtaining the second digest, the method further includes: and acquiring the sender public key, the intermediate item and the first abstract from the sender.
Optionally, after the sending the verification result to the sender, the method further includes: receiving an encryption session sent by the sender; and in the case that the receiver comprises the session key, decrypting the encrypted session to obtain a predetermined session.
According to an aspect of an embodiment of the present invention, there is provided a session key generation apparatus, including: the acquisition module is used for acquiring the key generation request message; the first determining module is configured to hash the key generation request message, the sender public key, and the first promise value to obtain a first digest, where the first promise value is obtained according to a random value and a parameter, the sender public key is obtained according to a sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variable is obtained according to a key system public key, a key system digest, and the parameter; the second determining module is used for determining a signature according to the random value, the sender private key, the intermediate variable, the first abstract, the key generation request message and the first promise value; the first sending module is configured to send the key generation request message and the signature to a receiver, so that the receiver determines whether the first digest and the second digest are equal according to the key generation request message, where the second digest is obtained by performing hash processing on the key generation request message by the receiver in the first hash operation mode, the sender public key, and a second commitment value, and the second commitment value is obtained by performing linear operation processing on the intermediate item and the sender public key by the receiver in a predetermined linear operation mode; and the generation module is used for receiving a verification result sent by the receiver, and generating a session key for the session between the sender and the receiver according to the random value and the first promise value when the verification result is that the first abstract and the second abstract are equal.
According to an aspect of an embodiment of the present invention, there is provided a session key generation apparatus, including: the receiving module is used for receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first abstract, the key generation request message and a first promise value, the first abstract is obtained by the sender through a first hash operation mode on the key generation request message, the sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a key system public key, the key system abstract and parameters, and the first promise value is obtained by the sender according to the random value and the parameters; the third determining module is used for carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode; the verification module is used for verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result; and the second sending module is used for sending the verification result to the sender so that the sender generates a session key for the sender and the receiver to perform session according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal to each other.
According to an aspect of an embodiment of the present invention, there is provided a processor, configured to execute a program, where the program executes the method for generating a session key according to any one of the foregoing methods.
According to an aspect of an embodiment of the present invention, there is provided an electronic device including one or more processors and a memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of the above.
In the embodiment of the invention, a key generation request message is acquired, the key generation request message, a sender public key and a first promise value are hashed in a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and intermediate variables, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variables are obtained according to a key system public key, a key system abstract and parameters. Determining a signature according to a random value, a sender private key, an intermediate variable, a first digest, a key generation request message and a first promise value, and sending the key generation request message and the signature to a receiver, so that the receiver determines whether the first digest is equal to a second digest according to the key generation request message, wherein the second digest is obtained by carrying out hash processing on the key generation request message, the sender public key and the second promise value by the receiver in a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key by the receiver in a preset linear operation mode. And receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal. The sender determines the signature of the sender according to the random value, the sender private key, the intermediate variable, the first abstract, the key generation request message and the first promise value, and the sender private key participates in calculation in the process of generating the signature, so that the technical effects of integrity and reliability of the key generation message can be ensured to a certain extent, and the technical problem that the session key is easy to be broken when the session key is generated in the related technology is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application. In the drawings:
fig. 1 is a flowchart of a first method for generating a session key according to an embodiment of the present application;
fig. 2 is a flowchart of a second method for generating a session key according to an embodiment of the present application;
fig. 3 is a block diagram of a first configuration of a session key generation apparatus provided according to an embodiment of the present application;
fig. 4 is a block diagram of a second configuration of a session key generating apparatus according to an embodiment of the present application;
fig. 5 is a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that, related information (including, but not limited to, user equipment information, user personal information, etc.) and data (including, but not limited to, data for presentation, analyzed data, etc.) related to the present disclosure are information and data authorized by a user or sufficiently authorized by each party, where the collection, use, and processing of related data is required to comply with related laws and regulations and standards of a related region.
The present application will be described with reference to preferred implementation steps, and fig. 1 is a flowchart of a first method for generating a session key according to an embodiment of the present application, as shown in fig. 1, where the method includes the following steps:
step S101, obtaining a key generation request message;
for example, the key generation request message M may be acquired for the sender M.
In step S101 provided in the present application, the key generation request message may be data that needs to be signed and verified, where the data is typically generated by the sender and sent to the receiver for identity verification and data integrity verification. The request message may be any form of data, such as a hypertext transfer protocol request (HTTP request), an application programming interface request (API request), etc., and typically contains information about the parameters of the request, the method of the request, the path of the request, etc., and a key for signing. In the signing process, the receiver uses the same secret key and signature algorithm to carry out signature verification on the request message so as to ensure the integrity and authenticity of the request message.
Step S102, carrying out hash processing on a key generation request message, a sender public key and a first promise value through a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and intermediate variables, the sender private key is obtained according to the random private key and partial private key, and the intermediate variables are obtained according to a key system public key, a key system abstract and parameters;
for example, a request message M can be generated for the secret key by the sender M through a first hash operation mode, and the public key y of the sender m And the first commitment value R is hashed to obtain a first digest Q (alternatively q=h may be determined as follows 2 (m,Y m R), wherein the first commitment value R is derived from the random value R and the parameter P (alternatively r=rp may be determined by m According to the sender private key x m And the intermediate variable T (alternatively, Y may be determined as follows m =x m -1 (y m ,Y m ) A) sender private key x m According to a random private key x 1 With part of private key d m Obtained (alternatively, x may be determined as follows m ,x 1 d m ) The intermediate variable T depends on the public key y of the key system k The key system KGC digest h, and the parameter P are derived (alternatively, t=y may be determined as follows k +hP)。
It should be noted that, the first abstract Q is not provided with an subscript, and is used to represent a general calculation method for determining the abstract, and subsequent similar representation methods have the same meaning, which is not described herein.
In step S102 provided in the present application, the first hash operation manner is determined by the key system, alternatively may be determined in the key system by the following manner, and at the same time, other parameters in the key system are described:
in a key system, a security parameter k is given. The key system (which may be KGC) selects a secure bilinear map e (which may be a predetermined linear operation as described in the present application): g 1 ×G 1 →G 2 Wherein G is 1 The prime number q-order cyclic addition group is the addition generator P (which may be a parameter described in the present application). G 2 For prime q-order cyclic multiplication groups, a generator g is selected. Key system picks a secure hash function H 1 :{0,1}*→Z q * (which can be used as the second hash operation method in the present application), H 2 :{0,1}*×G 1 →Z q * (as the first hash operation mode described in the present application), a bilinear pair g=e (P, P) is defined, and the key system randomly selects x k ∈Z q * As a key system private key, a key system public key y is calculated k =x k P∈G 1 . Publishing system parameters { k, G 1 ,G 2 ,e,g,P,Y k ,H 1 ,H 2 And each of the sender, the receiver and the like can acquire the parameters from the key system.
The sender public key may be a public key cryptosystem used in encrypted communication, and the public key generated and disclosed by the sender is usually transmitted and stored in a data format or a file form, and may be obtained according to a private key of the sender and an intermediate variable, that is, the public key of the sender may be used by other people to encrypt data sent from the sender by using the public key, so as to ensure that only the private key sent can decrypt the data; the first commitment value may refer to an encryption operation in which a given input value is associated with a specific result, and the first commitment value is specific to the sender and may be obtained according to a random value and a parameter, so as to ensure the integrity of data.
The first digest may be a digest value with a fixed length calculated according to the content of the key generation request message by a first hash operation, where the digest value is generally used to verify the integrity and authenticity of the message, so as to ensure that the message is not tampered or forged during the transmission process.
It should be noted that, in the above steps, the first digest is determined by using the first hash operation manner, so as to mainly prevent the message from being tampered or forged, and meanwhile, the integrity and authenticity verification of the message can be provided, and in practical application, the generated request message digest is often used in the scenes of data transmission, digital signature, data integrity verification and the like in communication.
Step S103, determining a signature according to the random value, the private key of the sender, the intermediate variable, the first abstract, the key generation request message and the first promise value;
for example, the sender M can be based on the random value r, the sender private key x m The intermediate variable T, the first digest Q (alternatively q=h may be determined as follows 2 (m,Y m R), the key generation request message m, and the first commitment value R, determines the signature σ (alternatively, σ= (Q, S, m, R) may be determined as follows).
In step S103 provided in the present application, the random value may be randomly selected from a series of system parameters disclosed by the KGC of the key generating center, and the private key of the sender may be a string of randomly generated numbers and letters, which are used for encrypting and digitally signing the message, where the private key of the sender is usually generated by the sender and kept secret, and cannot be obtained by other people, and the security of the private key of the sender is critical to ensure the validity of the encryption and the digital signature. According to the method in the step, the intermediate variable can be obtained according to the public key of the key system, the abstract of the key system and the parameters.
It should be noted that, according to the random value obtained from the key generation center KGC, the sender private key, the intermediate variable, the first digest, the key generation request message that needs to be signed, and the first promise value, the signature of the sender is determined, that is, through the above steps, the sender can complete the signing operation for the first digest in the above steps. In the above, by signing the first abstract and determining the signing operation, the integrity of the data, the reliability and the non-tamper property of the source can be ensured, and meanwhile, the sender uses the private key to sign the abstract, the uniqueness and the validity of the signature can be ensured, and the security of the key generation request message in the interaction process is ensured.
Step S104, a key generation request message and a signature are sent to a receiver, so that the receiver determines whether a first abstract is equal to a second abstract according to the key generation request message, wherein the second abstract is obtained by carrying out hash processing on the key generation request message, a sender public key and a second promise value by the receiver in a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on an intermediate item and the sender public key by the receiver in a preset linear operation mode;
for example, the sender M may send the key generation request message M and the signature σ to the receiver N, where the second digest Q is the second hash operation method performed on the key generation request message M by the receiver N, and the sender public key y m And the second commitment value R1 (alternatively, q=h may be determined by 2 (m,Y m R), the second commitment value R1 is obtained by the receiver N for the intermediate item S and the sender public key y by a predetermined linear operation mode m Is subjected to a linear operation (alternatively, R can be determined as follows 1 =e(S,Y m ))。
In step S104 provided in the present application, the second digest is obtained by hashing the key generation request message, the sender public key, and the second promise value by the receiver in the first hash operation manner in the previous step, where the second promise value has a meaning similar to that of the first promise value in the step of signing, that is, the second promise value may be an encrypted form for a specific information, and is obtained by performing a linear operation on the intermediate item and the sender public key by a predetermined linear operation manner.
Before the receiver determines the first digest and the second digest, the sender first needs to send the obtained key generation request message and the signature generated in the previous step to the receiver, and after the receiver receives the key generation request message and the signature of the sender, the receiver can perform the next operation step of verifying the signature.
Step S105, receiving the verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value when the verification result is that the first abstract and the second abstract are equal.
For example, the sender M may receive the verification result sent by the receiver N, and generate the session key K for the sender and the receiver to perform the session according to the random value R and the first promise value R when the verification result is that the first digest Q and the second digest Q are equal a (alternatively, K may be determined by a =rR)。
In step S105 provided in the present application, the session key is a temporary symmetric key, which is a temporary key established between two parties of communication, and is used to encrypt and decrypt information in the session.
For the above steps, a session key of a session between a sender and a receiver may be generated, in the process of generating the session key, it is first required to determine whether the determined first digest is equal to the second digest, this process is equivalent to that the receiver performs a verification operation on a signature sent by the sender, then the receiver determines that the first digest is equal to the second digest, and a verification result passing verification is obtained, that is, the verification result at this time indicates that the receiver has successfully verified the signature of the sender and has obtained a key generation request message sent by the sender, and the receiver may send the verification result passing verification to the sender, and determine the session key of the session between the sender and the receiver according to the random value and the first promise value in the above steps.
It should be noted that, the above verification process of verifying the first digest and the second digest, that is, the process of verifying the signature by the receiver, involves hash calculation and comparison of the key generation request message, which not only can provide protection of data integrity, authenticity and forgery prevention, but also can ensure that the signature of the sender is not tampered during transmission, thereby protecting the security and reliability of the data.
It should be further noted that, in the case that the verification result is passed, the session key for performing the session between the sender and the receiver is further determined, that is, the verification result is passed, the generated session key is temporary, and the generated session key is used for encrypting and decrypting the current content by both parties, so that long-term use and management of multiple keys can be avoided, complexity of key management is simplified, confidentiality and integrity of the session between the sender and the receiver can be ensured to a certain extent, and potential risks of key leakage and abuse are reduced.
However, only the sender can generate the session key at this time, and if both sides can obtain the content, the receiver needs to perform the above steps as the sender to generate the session key at the receiver side, so as to ensure the order of the session between both sides. And through verification of both sides, session keys of the sides of the two sides are respectively acquired, so that the safety and confidentiality in the process are further ensured.
Through the steps S101-S105, for the sender side, the key generation request message is obtained, and the first digest is obtained by hashing the key generation request message, the sender public key, and the first commitment value in a first hash operation manner, where the first commitment value is obtained according to the random value and the parameter, the sender public key is obtained according to the sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of the private key, and the intermediate variable is obtained according to the key system public key, the key system digest, and the parameter. Determining a signature according to a random value, a sender private key, an intermediate variable, a first digest, a key generation request message and a first promise value, and sending the key generation request message and the signature to a receiver, so that the receiver determines whether the first digest is equal to a second digest according to the key generation request message, wherein the second digest is obtained by carrying out hash processing on the key generation request message, the sender public key and the second promise value by the receiver in a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key by the receiver in a preset linear operation mode. And receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal. The sender determines the signature of the sender according to the random value, the sender private key, the intermediate variable, the first abstract, the key generation request message and the first promise value, and the sender private key participates in calculation in the process of generating the signature, so that the technical effects of integrity and reliability of the key generation message can be ensured to a certain extent, and the technical problem that the session key is easy to be broken when the session key is generated in the related technology is solved.
The above-described method of this embodiment is further described below.
As an optional embodiment, the method further includes, before hashing the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: transmitting the sender identity and the sender public key to a key system; and receiving a part of private keys and a key system abstract sent by the key system, wherein the part of private keys are obtained by the key system according to parameters, the key system abstract and the key system private keys, and the key system abstract is obtained by carrying out hash processing on the sender identity and the sender public key by the key system in a second hash operation mode.
For example, the above steps can be to send the sender identification ID for the sender M m With sender public key y m To the key system.
The sender M receives the partial private key d sent by KGC m And KGC abstract h, wherein, part of private key d m For KGC, according to the parameter P, KGC abstract h,secret key system private key x k Obtained (alternatively, d may be determined as follows m =(x k +h) -1 P), KGC digest h is KGC, and the sender identity ID is obtained by a second hash operation mode m Hash with sender public key ym (alternatively, h=h may be determined as follows 1 (ID m ,y m ))。
In this embodiment, the identity of the sender may be an identifier, a user name, a digital certificate, etc. The identity marks are used for verifying the identity of the sender, ensuring the safety and reliability of communication, are not limited herein, and can be customized according to specific scenes and applications.
The key system may be a KGC key generating center, which is not limited herein, and may be configured in a customized manner according to a specific scenario and application.
The partial private key is a partial private key of the sender and can be obtained through parameters, a key system abstract and the key system private key, and the key system abstract can be obtained through hash processing of the sender identity and the sender public key in a second hash operation mode.
It should be noted that, before determining the first digest, determining the partial private key of the sender in the above steps and the key system digest, where the partial private key of the sender is used by the sender to determine the private key of the sender, the sender may be used to sign the key generation request message, so as to improve security, confidentiality and verifiability between sessions; after the private key of the sender is used for determining the private key of the sender, the sender further determines the public key of the sender according to the private key of the sender, and the receiver performs signature verification operation according to the public key of the sender, so that the key generation request message is ensured not to be tampered or forged in the transmission process.
As an optional embodiment, the method further includes, before hashing the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: the method comprises the steps of obtaining a first hash operation mode, a key system public key and parameters from a key system, wherein the key system public key is obtained by the key system according to a key system private key and the parameters.
For example, the above steps may be that the sender M obtains the first hash operation mode from KGC, and the public key y of the key system k Parameter P, wherein the key system public key y k Private key x for key system according to key system k And the parameter P (alternatively, y may be determined as follows k =x k P)。
In this embodiment, the parameter may be obtained from a parameter published by the key system, the key system private key may also be randomly selected from security parameters established by the key system, and after obtaining the key system private key, the key system may obtain the key system public key according to the key system private key and the parameter obtained from the parameter published by the key system.
It should be noted that, by the above method, the determined public key of the key system may be used to determine an intermediate variable, and further determine the public key of the sender, in this process, since the public key of the key system participates in the determination process of the public key of the sender, it is possible to prevent to a certain extent that a third party may easily tamper with the public key of the sender, resulting in a risk of substitution attack of the public key of the sender.
As an alternative embodiment, determining the signature based on the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value, includes: determining an intermediate item according to the random value, the sender private key and the intermediate variable; the signature is determined based on the first digest, the intermediate item, the key generation request message, and the first commitment value.
For example, the above steps can be that the sender M depends on the random value r, the sender private key x m And an intermediate variable T, an intermediate term S is determined (alternatively, s=rx may be determined as follows m -1 T); the sender M determines the signature σ from the first digest Q, the intermediate term S, the key generation request message M, and the first commitment value R (alternatively, σ= (Q, S, M, R) may be determined as follows).
In this embodiment, the sender may perform a corresponding operation according to the private key and the random value of the sender to obtain the intermediate item, and further, the sender performs a corresponding operation according to the first digest, the intermediate item, the key generation request message, and the first promise value to obtain the signature.
As an alternative embodiment, after generating the session key for the sender and the receiver to perform the session according to the random value and the first promise value if the verification result is that the first digest and the second digest are equal, the method further includes: encrypting a predetermined session using a session key to obtain an encrypted session; the encrypted session is sent to the recipient.
If the sender M can encrypt the preset session by using the session key, obtaining an encrypted session; the sender M sends the encrypted session to the receiver N.
In this embodiment, after the session key is generated, the following steps are also required: the preset session can be symmetrically encrypted by using the session key, confidentiality of session content is ensured, an encrypted session is generated, then the sender can send the encrypted session to the receiver through a proper communication channel, the receiver can acquire the encrypted session, after the receiver receives the encrypted session, the receiver decrypts the encrypted session by using the same session key and restores the encrypted session to the preset session, and the receiver can also perform the session according to the restored preset session to perform corresponding operation or communication.
It should be noted that, in order to ensure the security and integrity of the session, the predetermined session is encrypted according to the generated session key, so that confidentiality, integrity, and characteristic protection of the predetermined session can be provided, the security of the predetermined session is enhanced, and the efficiency and performance of communication are improved. By using the session key, an integrity verification of the predetermined session can be achieved.
Fig. 2 is a flowchart of a second method for generating a session key according to an embodiment of the present application, as shown in fig. 2, the method includes the following steps:
step S201, receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first digest, the key generation request message and a first promise value, the first digest is obtained by the sender through a first hash operation mode on the key generation request message, the sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a key system public key, the key system digest and a parameter, and the first promise value is obtained by the sender according to the random value and the parameter;
for example, the request message M and signature σ (σ= (Q, S, M, R)) may be generated for the receiving party N to receive the key sent by the sending party M, where the signature σ is the random value R by the sending party M, the private key x of the sending party m Intermediate variable T, first digest Q (q=h 2 (m,Y m R), the key generation request message M, and the first commitment value R are obtained, the first digest Q is obtained by the sender M by hashing the key generation request message M, the sender public key y m And the first commitment value R is hashed to obtain (q=h 2 (m,Y m R)), sender public key y m For sender M based on sender private key x m Intermediate variable T is obtained (Y m =x m -1 (y m ,Y m ) A) sender private key x m For sender based on random private key x 1 With part of private key d m Obtain (x) m ,x 1 d m ) The intermediate variable T is the public key y of the sender M according to the key system k KGC digest h and parameter P (t=y k +hp), the first commitment value R is obtained by the sender M according to the random value R and the parameter P (r=rp).
Step S202, carrying out hash processing on a key generation request message, a sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on an intermediate item and the sender public key through a preset linear operation mode;
for example, a request message m can be generated for the key by the receiver N through a first hash operation mode, and the public key y of the sender m And a second commitment value R 1 Hash processing is performed to obtain a second digest Q (q=h 2 (m,Y m ,R 1 ) And) wherein the second commitment value R 1 For intermediate item S and sender public key y by a predetermined linear operation e m The linear operation is performed to obtain (R) 1 =e(S,Y m ))。
In step S202 provided in the present application, the second commitment value is obtained by performing a linear operation on the intermediate item and the sender public key in a predetermined linear operation manner, that is, for the key generation request message, the sender public key, and the second commitment value, a hash process may be performed using a first hash operation manner to generate a second digest.
It should be noted that, for the specific steps described above, the steps are: the key generation request message, the sender public key and the second promise value are taken as input, the input is hashed by using a first hash operation mode to generate a first hash result, the first hash result and the second promise value are subjected to linear operation to obtain an intermediate item, the intermediate item and the sender public key are subjected to linear operation to obtain the second abstract, namely, the result obtained by hashing the key generation request message, the sender public key and the second promise value by using the first hash operation mode is the second abstract. The second promise value in the above step can be used for generating a second abstract, and to a certain extent, the step of performing subsequent signature verification by the receiver is participated in, so that the key generation request message can be confirmed not to be tampered or modified, and the integrity protection of the key generation request message is enhanced.
Step S203, verifying whether the first abstract and the second abstract are equal to each other, and obtaining a verification result;
for example, the first digest Q may be verified for the receiver N (q=h 2 (m,Y m R)) and a second digest q=h 2 (m,Y m R) are equal to each other, and a verification result is obtained.
It should be noted that, in the above steps, to verify whether the first digest and the second digest are equal, the digest value corresponding to the first digest and the digest value corresponding to the second digest may be calculated by a hash algorithm, instead of comparing the original data, that is, by verifying the consistency of the first digest and the second digest, the integrity of the key generation request message, the reliability and the security of the source may be ensured, the occurrence of forgery or impersonation may be prevented to a certain extent, and the confidentiality and the integrity of the communication between the receiving party and the transmitting party may be ensured.
Step S204, the verification result is sent to the sender, so that the sender generates a session key for the sender and the receiver to perform the session according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal.
For example, the verification result may be sent to the sender M for the receiver N such that when the verification result is verification of the first digest Q (q=h 2 (m,Y m R)) and a second digest Q (q=h) 2 (m,Y m ,R 1 ) Under the condition that the random value R and the first promise value R are equal, the sender M generates a session key K for the sender and the receiver to conduct session a (K a =rR)。
Through the steps S201-S204, for the receiver side, the key generation request message and the signature sent by the sender are received, where the signature is obtained by the sender according to a random value, the sender private key, an intermediate variable, a first digest, the key generation request message, and a first promise value, the first digest is obtained by the sender hashing the key generation request message, the sender public key, and the first promise value by a first hash operation, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a key system public key, the key system digest, and the parameter, and the first promise value is obtained by the sender according to the random value and the parameter. And carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode. And verifying whether the first abstract and the second abstract are equal to obtain a verification result, and sending the verification result to the sender, so that the purpose that the sender generates a session key for the sender and the receiver to perform a session according to the random value and the first promise value is achieved under the condition that the verification result is that the first abstract and the second abstract are equal to each other, and the session key is generated after the verification result which passes the verification is obtained under the condition that the first abstract and the second abstract are equal to each other, and further, the technical problem that the session key is easy to be broken when the session key is generated in the related technology is solved.
As an alternative embodiment, before receiving the key generation request message and the signature sent by the sender, the method further includes: and acquiring a first hash operation mode, a preset linear operation mode and parameters from the key system.
For example, the first hash operation mode, the predetermined linear operation mode e, and the parameter P may be obtained from KGC for the receiver N.
In this embodiment, the first hash operation, the predetermined linear operation, and the parameters may be obtained from parameters published by the key system. The first hash operation mode, the preset linear operation mode and the parameters obtained from the key system through the steps provide an important verification tool for the follow-up signature process of the receiver verification sender.
As an optional embodiment, the method further includes, before hashing the key generation request message, the sender public key, and the second promise value by using a first hash operation manner to obtain a second digest: the method comprises the steps of obtaining a sender public key, an intermediate item and a first abstract from a sender.
For example, the sender public key y can be obtained from the sender M for the receiver N m Intermediate item S, first summary Q.
In this embodiment, the sender public key, the intermediate item, and the first digest may be obtained from the sender. The sender public key, the intermediate item and the first digest obtained from the sender through the steps provide an important verification tool for the signature process of the subsequent receiver verification sender.
As an alternative embodiment, after sending the verification result to the sender, the method further includes: receiving an encrypted session sent by a sender; in case the receiver comprises a session key, the encrypted session is decrypted, resulting in the predetermined session.
In this embodiment, when the receiving party verifies that the first digest and the second digest are equal, a verification result is obtained, and after the verification result is sent to the sending party, the sending party generates a session key for the sending party and the receiving party to perform a session according to the received verification result, and the sending party may further encrypt the predetermined session according to the generated session key, and at this time, the receiving party decrypts the encrypted session by using the session key, and finally obtains the predetermined session.
The session key is a session key commonly owned by the sender and the receiver, and can be used for ensuring the security and confidentiality of session information and ensuring the confidentiality and integrity of the session when the sender and the receiver communicate.
Based on the foregoing embodiments and optional embodiments, an optional implementation is provided, and is specifically described below.
In the related art, when a session key is generated, the technical problem that the session key is easy to be cracked is illustrated, in the related art, a related method is adopted to generate a signature for both interaction messages, and when the signature is verified, after a user receives a part of private keys sent by KGC, the correctness of the KGC private keys is verified through 2 bilinear operations, 3 bilinear operations exist in the subsequent signature verification process, 5 bilinear operations are performed in the whole negotiation process, more time is wasted, and the efficiency is greatly improved; in the aspect of security certification, the scheme cannot defend public key substitution attack, an attacker can randomly select parameters to participate in calculation of a user public key, and the selected parameters are eliminated when equation verification is carried out after a normal user receives a signature, so that a verification equation is established, namely, a third user successfully passes normal digital signature authentication, security and calculation efficiency problems possibly exist, and the generated session key is easy to be broken.
In view of this, the alternative embodiment of the present application provides a method for generating a session key, which is a novel non-certificate scheme for one-time bilinear pairing operation, overcomes the defect that public key substitution attack cannot be defended, improves the operation efficiency, and can resist public key substitution attack.
The method provided by the alternative embodiment of the application adopts a certificate-free public key cryptosystem, is safe and efficient, and comprises three main parts in a certificate-free protocol: KGC key generating center, signer (same sender), verifier (same receiver).
The protocol without certificate is divided into six parts of system parameter establishment, secret value establishment, generation of partial private key, private key establishment, public key establishment and key negotiation, and the following operations are respectively carried out on each part.
(1) And (3) establishing system parameters: the main process is KGC main key generation, defining bilinear pair, selecting Hash function and other initializing parameters and disclosing one series of parameters.
(2) Secret value establishment: the user selects the random number as the secret value of the user, and the new secret value is selected again in each communication process, so that the mutual influence among multiple communications is avoided.
(3) Generating a part of private key: the key generation center KGC calculates partial private key according to the set algorithm by using the known information and transmits the partial private key to the user through the secure channel.
(4) Establishing a private key: the user calculates the partial key and the secret value to obtain the complete key through a set algorithm.
(5) Public key establishment: the user generates his own public key according to a specific algorithm.
(6) Key agreement: the sender transmits a signature formed by encrypting a user by using the private key, the receiver firstly carries out signature authentication, receives parameters if the signature passes, otherwise, the sender and the receiver discard the parameters, and if the signature passes the signature authentication, the sender and the receiver finally form a session key according to the received information to ensure the safety communication.
The following describes the detailed specific steps of the methods provided by alternative embodiments of the present invention:
s1, a sender M acquires a key generation request message M, and generates the key generation request message M in a first hash operation mode, and a sender public key y m Hash the first commitment value R to obtain a first abstract Q 1
It should be noted that, in the above steps, the key system is also required to establish system parameters, and the specific process is as follows: given the security parameter k, KGC (key system) selects a secure bilinear map e: g 1 ×G 1 →G 2 Wherein G is 1 The prime number q-order cyclic addition group is added to generate the element P, G 2 For prime q-order cyclic multiplication group, selecting a generating element g, and selecting a secure Hash function H by KGC 1 :{0,1}*→Z q * ,H 2 :{0,1}*×G 1 →Z q * Defining a bilinear pair g=e (P, P), KGC randomly selects x k ∈Z q * As key system private key x k Calculating a public key y of a key system k =x k P∈G 1 . Publishing system parameters { k, G 1 ,G 2 ,e,g,P,Y k ,H 1 ,H 2 }。
The first abstract Q obtained above 1 The method can be processed according to a first hash operation mode, and the specific formula is as follows: q (Q) 1 =H 2 (m,Y m R), the first hash operation mode in this step can be obtained from the system parameters published by the key system, i.e. the first hash operation mode H is obtained 1
Obtaining a first promise value R according to the product of the random value R and the parameter P, wherein the specific formula is as follows: r=rp;
according to the sender private key x m Is multiplied by the intermediate variable T to obtain the sender public key (y m ,Y m ) The specific formula is as follows: y is Y m =x m -1 T;
According to a random private key x 1 With part of private key d m To the sender private key x m Namely (x) m ,x 1 d m ) Random private key x in this step 1 May be selected from parameters established by the key system, and may be: x is x 1 ∈Z q * Partial private key d m The calculation can be performed according to the following formula, for example: d, d m =(x k +h) -1 P, wherein the parameter P is obtained from the parameters published by the key system;
Determining a public key y of the key system according to the product between KGC digest h (key system digest) and parameter P k And obtaining an intermediate variable T, wherein the specific formula is as follows: t=y k +hP;
The KGC digest h, KGC (key system) performs a second hash operation on the sender ID m With sender public key y m The method is obtained by carrying out hash processing, and the specific formula is as follows: h=h 1 (ID m ,y m ) The second hash operation mode in this step may be obtained from the system parameters published by the key system, i.e. the second hash operation mode H is obtained 2
S2, the sender M sends the private key x of the sender according to the random value r m Intermediate variable T, first abstract Q 1 Determining a signature sigma by the key generation request message m and the first promise value R, and transmitting the key generation request message m and the signature to a receiver N;
the above-identified signature is: sigma= (Q) 1 ,S,m,R)。
S3, the receiver N receives the key generation request message M and the signature sigma sent by the sender M;
s4, the receiver N generates a request message m for the key through a first hash operation mode, and the public key y of the sender is transmitted m And a second commitment value R 1 Hash processing is carried out to obtain a second digest Q 2
The second promise value R 1 For intermediate item S and sender public key y by a predetermined linear operation e m The method is obtained by linear operation processing, and the specific formula is as follows: r is R 1 =e(S,Y m );
The determining process of the second abstract can be obtained through the first hash operation process, and the specific formula is as follows: q (Q) 2 =H 2 (m,Y m ,R 1 )。
S5, the receiver N verifies the first abstract Q 1 And a second abstract Q 2 Whether the two are equal or not, and obtaining a verification result;
it should be noted that, the first summary Q is verified 1 And a second abstract Q 2 Whether or not to be equal, i.e. verify Q 1 =H 2 (m,Y m R) and Q 2 =H 2 (m,Y m ,R 1 ) Whether or not the two equations are equal, and determine the first digest Q 1 And a second abstract Q 2 Verification results when equal;
s6, the receiver N sends the verification result to the sender M so that the verification result is the verification first abstract Q 1 And a second abstract Q 2 Under the condition of equality, the sender M generates a session key K for the sender M and the receiver N to carry out the session according to the random value R and the first promise value R a
It should be noted that, the determination of the session key may be determined according to the product of the random value R and the first promise value R, and the specific formula is as follows: k (K) a =rR。
The sender M verifies that it is able to continue communication, otherwise the receiver N directly discards the signature. After the verification is passed, the session key negotiation is performed.
S7, the sender M receives the verification result sent by the receiver N, and verifies the first abstract Q when the verification result is the verification result 1 And a second abstract Q 2 When the random value R and the first promise value R are equal, a session key K for the sender M and the receiver N to conduct the session is generated a
By the alternative embodiments, at least the following advantages can be achieved:
(1) Because the determination of the private key of the sender needs participation of the private key of the sender, and the determination of the private key of the sender needs participation of the private key system, namely, the private key of the private key system participates in calculation in the generation process of the private key of the sender, when the sender signs the private key of the sender of the key generation request message, the private key of the private key system also participates in signature calculation, and the step can prevent the risk that a third party is easy to tamper with the public key of the sender, so that the public key of the sender is replaced and attacked to a certain extent;
(2) Because the receiver performs verification operation on the signature sent by the sender, in the process of verifying the signature, whether the first abstract is equal to the second abstract needs to be verified, the public key of the sender participates in the process of determining the second abstract, and the public key of the sender is obtained according to the private key of the sender and the intermediate variable, in the process of verifying the signature, the integrity, confidentiality and reliability of the key generation request message are ensured due to the participation of the private key of the sender;
(3) In the method provided by the alternative embodiment of the invention, the negotiation efficiency is improved by reducing bilinear pairing operation with larger operation quantity for 4 times, and partial private keys of users do not need to be checked; because the user private key and the KGC private key are necessary to participate in the signature verification operation, a third party cannot perform public key replacement attack by tampering with the public key, and the operation efficiency and the security are improved.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present invention is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present invention. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present invention.
From the description of the above embodiments, it will be clear to a person skilled in the art that the method according to the above embodiments may be implemented by means of software plus the necessary general hardware platform, but of course also by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method of the various embodiments of the present invention.
According to an embodiment of the present application, there is further provided an apparatus for implementing the first method for generating a session key, and fig. 3 is a block diagram of a first apparatus for generating a session key according to an embodiment of the present application, as shown in fig. 3, where the apparatus includes: the device is described in detail below, and the obtaining module 301, the first determining module 302, the second determining module 303, the first transmitting module 304, and the generating module 305 are described in detail below.
An obtaining module 301, configured to obtain a key generation request message;
the first determining module 302, coupled to the obtaining module 301, is configured to hash the key generation request message, the sender public key, and the first promise value to obtain a first digest, where the first promise value is obtained according to the random value and the parameter, the sender public key is obtained according to the sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of the private key, and the intermediate variable is obtained according to the key system public key, the key system digest, and the parameter;
a second determining module 303, coupled to the first determining module 302, configured to determine a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value;
The first sending module 304, coupled to the second determining module 303, is configured to send a key generation request message and a signature to a receiver, so that the receiver determines whether the first digest is equal to the second digest according to the key generation request message, where the second digest is obtained by performing hash processing on the key generation request message, the sender public key, and the second commitment value by the receiver, and the second commitment value is obtained by performing linear operation processing on the intermediate item and the sender public key by a predetermined linear operation manner;
the generating module 305 is connected to the first sending module 304, and is configured to receive the verification result sent by the receiving party, and generate a session key for the sending party and the receiving party to perform a session according to the random value and the first promise value when the verification result is that the first digest and the second digest are equal to each other.
Here, the above-mentioned obtaining module 301, the first determining module 302, the second determining module 303, the first transmitting module 304, and the generating module 305 correspond to steps S101 to S105 in the method for generating the session key, and the plurality of modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to those disclosed in the above-mentioned embodiments.
The first generation device of the session key provided by the embodiment of the application obtains the key generation request message, hashes the key generation request message, the sender public key and the first promise value in a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to the sender private key and intermediate variables, the sender private key is obtained according to the random private key and partial private key, and the intermediate variables are obtained according to the key system public key, the key system abstract and parameters. Determining a signature according to a random value, a sender private key, an intermediate variable, a first digest, a key generation request message and a first promise value, and sending the key generation request message and the signature to a receiver, so that the receiver determines whether the first digest is equal to a second digest according to the key generation request message, wherein the second digest is obtained by carrying out hash processing on the key generation request message, the sender public key and the second promise value by the receiver in a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key by the receiver in a preset linear operation mode. And receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal. The sender determines the signature of the sender according to the random value, the sender private key, the intermediate variable, the first abstract, the key generation request message and the first promise value, and the sender private key participates in calculation in the process of generating the signature, so that the technical effects of integrity and reliability of the key generation message can be ensured to a certain extent, and the technical problem that the session key is easy to be broken when the session key is generated in the related technology is solved.
According to an embodiment of the present application, there is further provided an apparatus for implementing the second method for generating a session key, and fig. 4 is a block diagram of a structure of the apparatus 4 for generating a session key according to the embodiment of the present application, as shown in fig. 4, where the apparatus includes: the receiving module 401, the third determining module 402, the verifying module 403 and the second transmitting module 404 are described in detail below.
The receiving module 401 is configured to receive a key generation request message and a signature sent by a sender, where the signature is obtained by the sender according to a random value, a private key of the sender, an intermediate variable, a first digest, the key generation request message, and a first promise value, the first digest is obtained by the sender hashing the key generation request message, the public key of the sender, and the first promise value by a first hash operation method, the public key of the sender is obtained by the sender according to the private key of the sender and the intermediate variable, the private key of the sender is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a public key of a key system, the digest of the key system, and a parameter, and the first promise value is obtained by the sender according to the random value and the parameter;
A third determining module 402, coupled to the receiving module 401, configured to hash, by using a first hash operation manner, the key generation request message, the sender public key, and a second promise value to obtain a second digest, where the second promise value is obtained by performing a linear operation process on the intermediate item and the sender public key by using a predetermined linear operation manner;
the verification module 403, connected to the third determination module 402, is configured to verify whether the first digest and the second digest are equal to each other, to obtain a verification result;
the second sending module 404 is connected to the verification module 403, and is configured to send a verification result to the sender, so that the sender generates a session key for the sender and the receiver to perform a session according to the random value and the first commitment value when the verification result is that the first digest and the second digest are equal to each other.
Here, the receiving module 401, the third determining module 402, the verifying module 403 and the second transmitting module 404 correspond to steps S201 to S204 in the method for generating the session key, and the plurality of modules are the same as the examples and application scenarios implemented by the corresponding steps, but are not limited to those disclosed in the above embodiments.
The second generation device of the session key provided by the embodiment of the application receives a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first abstract, a key generation request message and a first promise value, the first abstract is obtained by the sender through carrying out hash operation on the key generation request message, the sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of private key, the intermediate variable is obtained by the sender according to a key system public key, the key system abstract and a parameter, and the first promise value is obtained by the sender according to the random value and the parameter; carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode; verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result; and sending the verification result to the sender, so that the purpose that the sender generates a session key for the sender and the receiver to perform the session according to the random value and the first promise value is achieved under the condition that the verification result is that the first abstract and the second abstract are verified to be equal by the receiver, and the session key is generated after the verification result is obtained under the condition that the first abstract and the second abstract are verified to be equal by the receiver, thereby being capable of ensuring the security and confidentiality of session information, and further solving the technical problem that the session key is easy to be broken when the session key is generated in the related technology.
The first session key generation device and the second session key generation device each include a processor and a memory, the plurality of modules and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor includes a kernel, and the kernel fetches the corresponding program unit from the memory. The kernel can be provided with one or more than one kernel, and the technical problem that the session key is easy to be broken when the session key is generated in the related technology is solved by adjusting the kernel parameters.
The memory may include volatile memory, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), in a computer readable medium, the memory including at least one memory chip.
The embodiment of the invention provides a computer-readable storage medium having a program stored thereon, which when executed by a processor, implements a method of generating a session key.
The embodiment of the invention provides a processor, which is used for running a program, wherein the program runs to execute a method for generating a session key.
Fig. 5 is a schematic diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 5, the embodiment of the present invention provides an electronic device, where the device includes a processor, a memory, and a program stored in the memory and executable on the processor, and the processor implements the following steps when executing the program: acquiring a key generation request message; carrying out hash processing on the key generation request message, the sender public key and a first promise value through a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variable is obtained according to a key system public key, a key system abstract and parameters; determining a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value; sending a key generation request message and a signature to a receiver so that the receiver determines whether a first abstract is equal to a second abstract according to the key generation request message, wherein the second abstract is obtained by carrying out hash processing on the key generation request message, a sender public key and a second promise value by a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on an intermediate item and the sender public key by the receiver by a preset linear operation mode; and receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: transmitting the sender identity and the sender public key to a key system; and receiving a part of private keys and a key system abstract sent by the key system, wherein the part of private keys are obtained by the key system according to parameters, the key system abstract and the key system private keys, and the key system abstract is obtained by carrying out hash processing on the sender identity and the sender public key by the key system in a second hash operation mode.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: the method comprises the steps of obtaining a first hash operation mode, a key system public key and parameters from a key system, wherein the key system public key is obtained by the key system according to a key system private key and the parameters.
Optionally, determining the signature based on the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value includes: determining an intermediate item according to the random value, the sender private key and the intermediate variable; the signature is determined based on the first digest, the intermediate item, the key generation request message, and the first commitment value.
Optionally, when the verification result is that the first digest and the second digest are equal, generating a session key for the sender and the receiver to perform a session according to the random value and the first promise value, further includes: encrypting a predetermined session using a session key to obtain an encrypted session; the encrypted session is sent to the recipient.
Receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first abstract, the key generation request message and a first promise value, the first abstract is obtained by the sender through a first hash operation mode on the key generation request message, the sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a key system public key, the key system abstract and parameters, and the first promise value is obtained by the sender according to the random value and the parameters; carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode; verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result; and sending the verification result to the sender so that the sender generates a session key for the sender and the receiver to perform the session according to the random value and the first promise value under the condition that the verification result is that the first digest and the second digest are equal to each other.
Optionally, before receiving the key generation request message and the signature sent by the sender, the method further includes: and acquiring a first hash operation mode, a preset linear operation mode and parameters from the key system.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the second promise value by using the first hash operation mode to obtain the second digest: the method comprises the steps of obtaining a sender public key, an intermediate item and a first abstract from a sender.
Optionally, after sending the verification result to the sender, the method further includes: receiving an encrypted session sent by a sender; in case the receiver comprises a session key, the encrypted session is decrypted, resulting in the predetermined session.
The devices herein may be servers, PCs, PAs, handsets, etc.
The application also provides a computer program product adapted to perform, when executed on a data processing device, a program initialized with the method steps of: acquiring a key generation request message; carrying out hash processing on the key generation request message, the sender public key and a first promise value through a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variable is obtained according to a key system public key, a key system abstract and parameters; determining a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value; sending a key generation request message and a signature to a receiver so that the receiver determines whether a first abstract is equal to a second abstract according to the key generation request message, wherein the second abstract is obtained by carrying out hash processing on the key generation request message, a sender public key and a second promise value by a first hash operation mode, and the second promise value is obtained by carrying out linear operation processing on an intermediate item and the sender public key by the receiver by a preset linear operation mode; and receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are equal.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: transmitting the sender identity and the sender public key to a key system; and receiving a part of private keys and a key system abstract sent by the key system, wherein the part of private keys are obtained by the key system according to parameters, the key system abstract and the key system private keys, and the key system abstract is obtained by carrying out hash processing on the sender identity and the sender public key by the key system in a second hash operation mode.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the first promise value by using a first hash operation manner to obtain a first digest: the method comprises the steps of obtaining a first hash operation mode, a key system public key and parameters from a key system, wherein the key system public key is obtained by the key system according to a key system private key and the parameters.
Optionally, determining the signature based on the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value includes: determining an intermediate item according to the random value, the sender private key and the intermediate variable; the signature is determined based on the first digest, the intermediate item, the key generation request message, and the first commitment value.
Optionally, when the verification result is that the first digest and the second digest are equal, generating a session key for the sender and the receiver to perform a session according to the random value and the first promise value, further includes: encrypting a predetermined session using a session key to obtain an encrypted session; the encrypted session is sent to the recipient.
Receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first abstract, the key generation request message and a first promise value, the first abstract is obtained by the sender through a first hash operation mode on the key generation request message, the sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of the private key, the intermediate variable is obtained by the sender according to a key system public key, the key system abstract and parameters, and the first promise value is obtained by the sender according to the random value and the parameters; carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode; verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result; and sending the verification result to the sender so that the sender generates a session key for the sender and the receiver to perform the session according to the random value and the first promise value under the condition that the verification result is that the first digest and the second digest are equal to each other.
Optionally, before receiving the key generation request message and the signature sent by the sender, the method further includes: and acquiring a first hash operation mode, a preset linear operation mode and parameters from the key system.
Optionally, the method further includes, before performing hash processing on the key generation request message, the sender public key, and the second promise value by using the first hash operation mode to obtain the second digest: the method comprises the steps of obtaining a sender public key, an intermediate item and a first abstract from a sender.
Optionally, after sending the verification result to the sender, the method further includes: receiving an encrypted session sent by a sender; in case the receiver comprises a session key, the encrypted session is decrypted, resulting in the predetermined session.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, key system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, C-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (key systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (RAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, read only optical disk read only memory (C-ROM), digital versatile disks (V) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer readable media, as defined herein, does not include transitory computer readable media (random media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises an element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, key system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, C-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the application are to be included in the scope of the claims of the present application.

Claims (13)

1. A method for generating a session key, comprising:
acquiring a key generation request message;
carrying out hash processing on the key generation request message, the sender public key and a first promise value through a first hash operation mode to obtain a first abstract, wherein the first promise value is obtained according to a random value and parameters, the sender public key is obtained according to a sender private key and intermediate variables, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variables are obtained according to a key system public key, a key system abstract and the parameters;
determining a signature according to the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value;
the key generation request message and the signature are sent to a receiver, so that the receiver determines whether the first digest and the second digest are equal according to the key generation request message, wherein the second digest is obtained by carrying out hash processing on the key generation request message by the receiver in the first hash operation mode, the sender public key and a second commitment value, and the second commitment value is obtained by carrying out linear operation processing on the intermediate item by the receiver in the preset linear operation mode and the sender public key;
And receiving a verification result sent by the receiver, and generating a session key of the session between the sender and the receiver according to the random value and the first promise value when the verification result is that the first abstract and the second abstract are equal.
2. The method of claim 1, wherein hashing the key generation request message, the sender public key, and the first commitment value by a first hash operation, before obtaining the first digest, further comprises:
transmitting the sender identity and the sender public key to a key system;
and receiving the partial private key and the key system digest sent by the key system, wherein the partial private key is obtained by the key system according to the parameters, the key system digest and the key system private key, and the key system digest is obtained by performing hash processing on the sender identity and the sender public key by the key system in a second hash operation mode.
3. The method of claim 1, wherein hashing the key generation request message, the sender public key, and the first commitment value by a first hash operation, before obtaining the first digest, further comprises:
The first hash operation mode, the key system public key and the parameter are obtained from a key system, wherein the key system public key is obtained by the key system according to the key system private key and the parameter.
4. The method of claim 1, wherein the determining a signature from the random value, the sender private key, the intermediate variable, the first digest, the key generation request message, and the first commitment value comprises:
determining an intermediate item according to the random value, the sender private key and the intermediate variable;
and determining the signature according to the first digest, the intermediate item, the key generation request message and the first promise value.
5. The method according to any one of claims 1 to 4, wherein, after generating a session key for the sender and the receiver to conduct a session according to the random value and the first commitment value, if the verification result is that the first digest and the second digest are verified to be equal, the method further comprises:
encrypting a predetermined session by using the session key to obtain an encrypted session;
The encrypted session is sent to the recipient.
6. A method for generating a session key, comprising:
receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first digest, the key generation request message and a first promise value, the first digest is obtained by the sender through a first hash operation mode on the key generation request message, a sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of private keys, the intermediate variable is obtained by the sender according to a key system public key, a key system digest and parameters, and the first promise value is obtained by the sender according to the random value and the parameters;
carrying out hash processing on the key generation request message, the sender public key and a second promise value through a first hash operation mode to obtain a second abstract, wherein the second promise value is obtained by carrying out linear operation processing on the intermediate item and the sender public key through a preset linear operation mode;
Verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result;
and sending the verification result to the sender, so that the sender generates a session key for the sender and the receiver to perform a session according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are verified to be equal.
7. The method of claim 6, wherein prior to receiving the key generation request message and signature sent by the sender, further comprising:
and acquiring the first hash operation mode, the preset linear operation mode and the parameters from a key system.
8. The method of claim 6, wherein the hashing the key generation request message, the sender public key, and the second commitment value by a first hashing operation, before obtaining the second digest, further comprises:
and acquiring the sender public key, the intermediate item and the first abstract from the sender.
9. The method according to any one of claims 6 to 8, further comprising, after said transmitting the authentication result to the transmitting side:
Receiving an encryption session sent by the sender;
and in the case that the receiver comprises the session key, decrypting the encrypted session to obtain a predetermined session.
10. A session key generation apparatus, comprising:
the acquisition module is used for acquiring the key generation request message;
the first determining module is configured to hash the key generation request message, the sender public key, and the first promise value to obtain a first digest, where the first promise value is obtained according to a random value and a parameter, the sender public key is obtained according to a sender private key and an intermediate variable, the sender private key is obtained according to the random private key and a part of private keys, and the intermediate variable is obtained according to a key system public key, a key system digest, and the parameter;
the second determining module is used for determining a signature according to the random value, the sender private key, the intermediate variable, the first abstract, the key generation request message and the first promise value;
the first sending module is configured to send the key generation request message and the signature to a receiver, so that the receiver determines whether the first digest and the second digest are equal according to the key generation request message, where the second digest is obtained by performing hash processing on the key generation request message by the receiver in the first hash operation mode, the sender public key, and a second commitment value, and the second commitment value is obtained by performing linear operation processing on the intermediate item and the sender public key by the receiver in a predetermined linear operation mode;
And the generation module is used for receiving a verification result sent by the receiver, and generating a session key for the session between the sender and the receiver according to the random value and the first promise value when the verification result is that the first abstract and the second abstract are equal.
11. A session key generation apparatus, comprising:
the receiving module is used for receiving a key generation request message and a signature sent by a sender, wherein the signature is obtained by the sender according to a random value, a sender private key, an intermediate variable, a first abstract, the key generation request message and a first promise value, the first abstract is obtained by the sender through a first hash operation mode on the key generation request message, a sender public key and the first promise value, the sender public key is obtained by the sender according to the sender private key and the intermediate variable, the sender private key is obtained by the sender according to the random private key and a part of private keys, the intermediate variable is obtained by the sender according to a key system public key, a key system abstract and a parameter, and the first promise value is obtained by the sender according to the random value and the parameter;
The third determining module is configured to perform hash processing on the key generation request message, the sender public key, and a second promise value to obtain a second digest, where the second promise value is obtained by performing linear operation processing on the intermediate item and the sender public key in a predetermined linear operation manner;
the verification module is used for verifying whether the first abstract and the second abstract are equal to each other or not to obtain a verification result;
and the second sending module is used for sending the verification result to the sender so that the sender generates a session key for the sender and the receiver to perform a session according to the random value and the first promise value under the condition that the verification result is that the first abstract and the second abstract are verified to be equal.
12. A processor, characterized in that the processor is configured to run a program, wherein the program runs to perform the method of generating a session key according to any one of claims 1 to 9.
13. An electronic device comprising one or more processors and memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-9.
CN202311162063.2A 2023-09-08 2023-09-08 Session key generation method and device, processor and electronic equipment Pending CN117176329A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311162063.2A CN117176329A (en) 2023-09-08 2023-09-08 Session key generation method and device, processor and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311162063.2A CN117176329A (en) 2023-09-08 2023-09-08 Session key generation method and device, processor and electronic equipment

Publications (1)

Publication Number Publication Date
CN117176329A true CN117176329A (en) 2023-12-05

Family

ID=88944657

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311162063.2A Pending CN117176329A (en) 2023-09-08 2023-09-08 Session key generation method and device, processor and electronic equipment

Country Status (1)

Country Link
CN (1) CN117176329A (en)

Similar Documents

Publication Publication Date Title
US11323276B2 (en) Mutual authentication of confidential communication
US10944575B2 (en) Implicitly certified digital signatures
CN109714167B (en) Identity authentication and key agreement method and equipment suitable for mobile application signature
CN108886468B (en) System and method for distributing identity-based key material and certificates
US9853816B2 (en) Credential validation
CN108199835B (en) Multi-party combined private key decryption method
EP2533457B1 (en) Secure implicit certificate chaining
US9531540B2 (en) Secure token-based signature schemes using look-up tables
US8422670B2 (en) Password authentication method
US11870891B2 (en) Certificateless public key encryption using pairings
CN110113150B (en) Encryption method and system based on non-certificate environment and capable of repudiation authentication
CN110932865B (en) Linkable ring signature generation method based on SM2 digital signature algorithm
CN114448641A (en) Privacy encryption method, electronic equipment, storage medium and chip
CN115208586A (en) Secret sharing-based digital signature method and system
US20150006900A1 (en) Signature protocol
US20220038267A1 (en) Methods and devices for secured identity-based encryption systems with two trusted centers
CN108933659A (en) A kind of authentication system and verification method of smart grid
CN111565108B (en) Signature processing method, device and system
CN114070549B (en) Key generation method, device, equipment and storage medium
CN110572257B (en) Identity-based data source identification method and system
CN111245594A (en) Homomorphic operation-based collaborative signature method and system
CN114070550B (en) Information processing method, device, equipment and storage medium
CN112925535A (en) Method and device for installing embedded application of password chip
CN117176329A (en) Session key generation method and device, processor and electronic equipment
CN117714074B (en) Identity authentication system and method based on TLCP, storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination