CN104796251B - A kind of management method and equipment of key pair - Google Patents
A kind of management method and equipment of key pair Download PDFInfo
- Publication number
- CN104796251B CN104796251B CN201510149815.0A CN201510149815A CN104796251B CN 104796251 B CN104796251 B CN 104796251B CN 201510149815 A CN201510149815 A CN 201510149815A CN 104796251 B CN104796251 B CN 104796251B
- Authority
- CN
- China
- Prior art keywords
- key
- public key
- key pair
- main
- load
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a kind of management method of key pair and equipment, this method comprises: main KS obtains first key pair, in first key to adding the first key pair in Simultaneous Load, the first key is added in the first redundancy backup protocol massages to Simultaneous Load, and the first redundancy backup protocol massages are sent to standby KS;The first key is to including the first public key and the first private key;The main KS regularly updates key pair, obtains updated second key pair;The main KS adds second key pair in the second key pair Simultaneous Load, the second key pair Simultaneous Load is added in the second redundancy backup protocol massages, and the second redundancy backup protocol massages are sent to the standby KS;Wherein, second key pair includes the second public key and the second private key.In the embodiment of the present invention, without the manually configuring cipher key pair on standby KS, ease for use is improved.And by regularly updating key pair, security of system can be improved.
Description
Technical field
The present invention relates to fields of communication technology, more particularly, to the management method and equipment of a kind of key pair.
Background technique
As shown in Figure 1, for GD VPN, (Group Domain Virtual Private Network, group domain are virtually privately owned
Network) networking structure schematic diagram, GD VPN provides a kind of security model based on group.Group is the set of a security strategy, is belonged to
In same group of all members share identical security strategy, KEK (Key Encryption Key, encryption key it is close
Key), TEK (Traffic Encryption Key, encrypt the key of flow).Further, GD VPN is by KS (Key
Server, key server) and GM (Group Member, group membership) composition, KS manage difference by dividing different group
Security strategy, KEK, TEK etc., and GM obtains security strategy, KEK, TEK etc. from KS by being added corresponding group.
For the safety of the security strategy, KEK, TEK etc. that obtain GM verifying from KS, administrator's needs configure on KS
Key pair (including public key and private key), and public key is sent to GM by KS.KS is sending the letter such as security strategy, KEK, TEK to GM
When breath, signed using private key to information.GM when obtaining the information such as security strategy, KEK, TEK, using public key to sign into
Row verifying, and determine that relevant information is legal when being verified, verifying, obstructed out-of-date determining relevant information is illegal.
It to improve the reliability of GD VPN network, and realizes load balancing, multiple KS can be disposed in GD VPN network, this
A little KS are worked in a manner of redundancy backup.As shown in Fig. 2, be the networking structure schematic diagram of KS redundancy backup, it is standby being mutually redundant
Part one group of KS in, including main KS and at least one for KS.Wherein, main KS is responsible for safeguarding security strategy, KEK, TEK of GM
Etc. information, and the information such as the security strategy of GM, KEK, TEK are sent to standby KS.Main KS and all standby KS can receive GM's
Registration.
Under above-mentioned networking structure, need to create key pair on a KS (such as main KS) by administrator, then by key
It exports, then is imported on other KS (such as each standby KS) to from the KS.Aforesaid way needs administrator to create phase on each KS
Same key pair, time-consuming and laborious, ease for use is poor.Also, due to being human configuration, key pair is not updated for a long time because will appear
Situation influences security of system.
Summary of the invention
The embodiment of the present invention provides a kind of management method of key pair, this method be applied to include master secret server KS and
In the group domain virtual private networks GD VPN of standby KS, it the described method comprises the following steps:
The main KS obtains first key pair, in first key to adding the first key pair in Simultaneous Load, the
The first key is added in one redundancy backup protocol massages to Simultaneous Load, and the first redundancy backup protocol massages are sent out
Give standby KS;The first key is to including the first public key and the first private key;
The main KS regularly updates key pair, obtains updated second key pair;
The main KS adds second key pair in the second key pair Simultaneous Load, in the second redundancy backup agreement report
The second key pair Simultaneous Load is added in text, and the second redundancy backup protocol massages are sent to the standby KS;Its
In, second key pair includes the second public key and the second private key.
Key pair is regularly updated in the main KS, after obtaining updated second key pair, the method is further wrapped
Include: the main KS sends offline notification message to group membership GM, so that the GM is offline and again standby to the main KS or described
KS registration;
When the GM is registered to the main KS again, second public key is sent to the GM by the main KS, so that
Currently used public key is updated to second public key by the GM.
Key pair is regularly updated in the main KS, after obtaining updated second key pair, the method is further wrapped
Include: main KS addition public key in updating Rekey message updates load, and updates in the public key and add described the in load
Two public keys;The main KS sends the Rekey message for carrying second public key to GM, so that the GM is from the Rekey message
In get second public key, currently used public key is updated to the public key and updates the second public key in load.
The method further includes: the main KS is using the private key for obtaining using before second key pair to described
Second public key is signed, and is updated in load in the public key and added the signature so that the GM receive it is described
When Rekey message, the signature in load is updated using public key described in the upper currently used public key verifications of this GM, if verifying is logical
It crosses, then the second public key being updated to currently used public key in the public key update load.
The embodiment of the present invention provides a kind of master secret server KS, virtual applied to the group domain including the main KS and standby KS
In private network GD VPN, the main KS is specifically included:
Module is obtained, for obtaining first key pair, and key pair is regularly updated, obtains updated second key pair;
Wherein, the first key specifically includes the second public key to the first public key and the first private key, second key pair is specifically included
With the second private key;
Sending module, in first key to adding the first key pair in Simultaneous Load, and it is standby in the first redundancy
The first key is added to Simultaneous Load in part protocol massages, and the first redundancy backup protocol massages is sent to described
Standby KS;And second key pair is added in the second key pair Simultaneous Load, and in the second redundancy backup protocol massages
The second key pair Simultaneous Load is added, and the second redundancy backup protocol massages are sent to the standby KS.
The sending module is also used to regularly updating key pair, after obtaining updated second key pair, Xiang Zucheng
Member GM sends offline notification message, so that the GM is offline and registers again to the standby KS of the main KS or described;In GM weight
When newly registering to the main KS, second public key is sent to the GM, so that the GM updates currently used public key
For second public key.
The sending module is also used to regularly updating key pair, after obtaining updated second key pair, is updating
Public key is added in Rekey message and updates load, and is updated in load in the public key and added second public key;It is taken to GM transmission
Rekey message with second public key will work as so that the GM gets second public key from the Rekey message
The preceding public key used is updated to the second public key in the public key update load.
The sending module, further using the private key for obtaining using before second key pair to second public key
It signs, and is updated in load in the public key and add the signature, so that the GM is receiving the Rekey message
When, it if the verification passes then will be current using the signature that public key described in the upper currently used public key verifications of this GM updates in load
The public key used is updated to the second public key in the public key update load.
Based on the above-mentioned technical proposal, in the embodiment of the present invention, under the scene of KS redundancy backup, main KS is automatically by acquisition
Key pair is synchronized to standby KS, without the manually configuring cipher key pair on standby KS, improves ease for use.And by regularly updating key
It is right, security of system can be improved.
Detailed description of the invention
Fig. 1 is GD VPN networking structure schematic diagram in the prior art;
Fig. 2 is the networking structure schematic diagram of KS redundancy backup in the prior art;
Fig. 3 is a kind of management method flow diagram of key pair provided in an embodiment of the present invention;
Fig. 4 is the structural schematic diagram of the main KS provided in the embodiment of the present invention a kind of.
Specific embodiment
Aiming at the problems existing in the prior art, the embodiment of the present invention provides a kind of management method of key pair, is with Fig. 2
The application scenarios schematic diagram of the embodiment of the present invention, this method are applied to the GD including main KS and standby KS (one or more is for KS)
It in VPN, and further include one or more GM in the GD VPN.As shown in figure 3, the management method of the key pair specifically can wrap
Include following steps:
Step 301, main KS obtains first key pair, in first key to adding first key pair in Simultaneous Load, the
First key is added in one redundancy backup protocol massages to Simultaneous Load, and the first redundancy backup protocol massages is sent to standby
KS.Wherein, the first key is to including the first public key and the first private key.
Wherein, first key is to being key pair of the initial configuration on main KS, and first key is to can be administrator's craft
The key pair of creation, or the key pair that main KS is automatically created does not need manual intervention.In administrator's manual creation first
When key pair, administrator can input the order comprising first key pair on main KS, obtain first from the order by main KS
Key pair.Automatically create first key clock synchronization in main KS, can by administrator by hand on main KS input key pair generating algorithm,
The parameters such as key pair length are then generated the first key pair of the key pair length by main KS using the key pair generating algorithm.
Step 302, main KS regularly updates (period of update can be controlled by the configuration of main KS) key pair, after obtaining update
The second key pair, add the second key pair in the second key pair Simultaneous Load, add in the second redundancy backup protocol massages
Add the second key pair Simultaneous Load, and the second redundancy backup protocol massages are sent to standby KS.Wherein, second key pair is specific
Including the second public key and the second private key.
Wherein, the second key pair is the key pair obtained after being updated to currently used key pair, the second key pair
It can be the key pair that administrator updates on main KS, or the key pair that main KS is automatically created does not need manual intervention.
Manual when updating the second key pair on main KS in administrator, administrator can input the life comprising the second key pair on main KS
It enables, obtains the second key pair from the order by main KS.It, can be by administrator's craft when main KS automatically creates the second key pair
The parameters such as key pair generating algorithm, key pair length, update cycle are inputted on main KS, are based on the update cycle, by main KS benefit
The second key pair of the key pair length is generated with the key pair generating algorithm.
In the embodiment of the present invention, by being extended to existing redundancy backup agreement, so that in redundancy backup agreement report
Key pair Simultaneous Load can be carried in text.Wherein it is possible to key pair Simultaneous Load is only carried in redundancy backup protocol massages,
No longer carry other information.Alternatively, on the basis of carrying existing information in redundancy backup protocol massages, in redundancy backup agreement
In message carry key pair Simultaneous Load, for example, carried in the real-time synchronization message based on redundancy backup agreement it is to be synchronized to
On the basis of the information (such as security strategy, KEK, TEK) of standby KS, the synchronous load of the key pair comprising key pair can also be carried
Lotus.
Based on this, first key can individually carry in the first redundancy backup protocol massages Simultaneous Load, and the
One redundancy backup protocol massages are transmitted between main KS and standby KS;Second key pair Simultaneous Load can be carried individually
In second redundancy backup protocol massages, and the second redundancy backup protocol massages are transmitted between main KS and standby KS.Alternatively, the
One key pair Simultaneous Load can carry standby in the first redundancy for having carried other information (such as security strategy, KEK, TEK)
In part protocol massages, and the first redundancy backup protocol massages are transmitted between main KS and standby KS;Second key pair is synchronous to be carried
Lotus can carry in the second redundancy backup protocol massages for having carried other information (such as security strategy, KEK, TEK), and
Second redundancy backup protocol massages are transmitted between main KS and standby KS.
In the embodiment of the present invention, in key pair Simultaneous Load, (i.e. above-mentioned first key is to, the second key for key pair
It is right) data can using standard DER (Distinguished Encoding Rules, can distinguish coding rule) encode,
And its content can defer to PKCS (Public-Key Cryptography Standards, public key cryptography standard) #1 mark
It is quasi-.
In the embodiment of the present invention, for security reasons, passing through redundancy backup protocol massages, (i.e. above-mentioned first is superfluous
Remaining backup protocol message, the second redundancy backup protocol massages) transmitting key pair information when, main KS can also pass through IKE
(Internet Key Exchange, Internet Key Exchange) SA (Security Association, Security Association)
Redundancy backup protocol massages are protected, so that the information to the key pair in redundancy backup protocol massages is carried out compared with high safety
The protection of property.
In the embodiment of the present invention, key pair is regularly updated in main KS, after obtaining updated second key pair, main KS is also
Second public key of the second cipher key pair can be notified to GM, thus by GM using second public key to the Rekey being successfully received
Signature in (update) message is verified.Based on this, main KS can be public by the second of the second cipher key pair in the following way
Key is notified to GM.
Mode one, after key pair automatically updates, main KS actively sends offline notification message to GM, lays equal stress on so that GM is offline
Newly registered to main KS or standby KS.
When GM is registered to main KS again, the second public key is sent to GM by main KS, and GM obtains the second public key, will be currently used
Public key be updated to the second public key, and the signature in the Rekey message being successfully received is verified using the second public key.Or
Person, when GM is registered to standby KS again, the second public key is sent to GM by standby KS, and GM obtains the second public key, by currently used public affairs
Key is updated to the second public key, and is verified using the second public key to the signature in the Rekey message being successfully received.
Mode two, after key pair automatically updates, main KS need to GM send Rekey message when, main KS Rekey report
Public key is added in text and updates load, and is updated in load in public key and added the second public key.Main KS sends to GM and carries the second public key
Rekey message currently used public key is updated to the public key more so that GM gets the second public key from Rekey message
The second public key in new load, and the signature in the Rekey message received is verified using second public key.
Further, for mode two, main KS can also be using the private key for obtaining using before the second key pair (before i.e.
The first private key or the second private key used) the second public key (the second public key of the second i.e. currently available cipher key pair) is carried out
Signature, and updated in load in public key and add the signature.GM is upper currently used using this GM when receiving Rekey message
Public key verifications public key updates the signature in load, if the verification passes, then currently used public key is updated to public key and updates load
The second public key in lotus.
In the embodiment of the present invention, by being extended to Rekey message, public key is carried in Rekey message and updates load,
The second public key is sent to GM by Rekey message, it is smoothly transitted into GM in the transmission process of Rekey message using new
The second public key.Further, which, which updates, may include a signature and the second new public key in load.Wherein, it signs
The value of field is signature of original private key to the second new public key.The second new public key field can encode for the DER of standard,
Defer to PKCS#1 standard.For GM when handling Rekey message, if wherein updating load comprising public key, GM is by verifying wherein
Signature determine whether to trust the second new public key.If the verification passes, then the second new public key verifications Rekey can be used in GM
Signature in message, and the signature in the Rekey message being successfully received is verified using the second new public key.
In the embodiment of the present invention, for main KS after obtaining updated second key pair, main KS will utilize the second private key pair
The Rekey message for being sent to GM is signed;By GM when receiving Rekey message, the second public key pair of this GM acquisition is utilized
Signature in Rekey message is verified.
Wherein, by the information such as strategy safe to carry, KEK, TEK in Rekey message.
Based on the above-mentioned technical proposal, in the embodiment of the present invention, under the scene of KS redundancy backup, main KS is automatically by acquisition
Key pair is synchronized to standby KS, without the manually configuring cipher key pair on standby KS, improves ease for use.And by regularly updating key
It is right, security of system can be improved.
Based on inventive concept same as the above method, a kind of master secret server is additionally provided in the embodiment of the present invention
KS, applied to include the main KS and standby KS group domain virtual private networks GD VPN in, as shown in figure 4, the main KS is specific
Include:
Module 11 is obtained, for obtaining first key pair, and key pair is regularly updated, obtains updated second key
It is right;Wherein, the first key specifically includes the second public affairs to the first public key and the first private key, second key pair is specifically included
Key and the second private key;
Sending module 12, in first key to adding the first key pair in Simultaneous Load, and in the first redundancy
The first key is added in backup protocol message to Simultaneous Load, and the first redundancy backup protocol massages are sent to institute
State standby KS;And second key pair is added in the second key pair Simultaneous Load, and in the second redundancy backup protocol massages
Middle addition the second key pair Simultaneous Load, and the second redundancy backup protocol massages are sent to the standby KS.
The sending module 12 is also used to regularly updating key pair, after obtaining updated second key pair, to group
Member GM sends offline notification message, so that the GM is offline and registers again to the standby KS of the main KS or described;In the GM
Again to the main KS register when, second public key is sent to the GM so that the GM by currently used public key more
It is newly second public key.
The sending module 12 is also used to regularly updating key pair, after obtaining updated second key pair, more
Addition public key updates load in new Rekey message, and updates in load in the public key and add second public key;It is sent to GM
The Rekey message of second public key is carried, so that the GM gets second public key from the Rekey message, it will
Currently used public key is updated to the second public key in the public key update load.
The sending module 12, it is further public to described second using the private key for obtaining using before second key pair
Key is signed, and is updated in load in the public key and added the signature, so that the GM is receiving the Rekey message
When, it if the verification passes then will be current using the signature that public key described in the upper currently used public key verifications of this GM updates in load
The public key used is updated to the second public key in the public key update load.
Wherein, the modules of apparatus of the present invention can integrate in one, can also be deployed separately.Above-mentioned module can close
And be a module, multiple submodule can also be further split into.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can be by
Software adds the mode of required general hardware platform to realize, naturally it is also possible to which by hardware, but in many cases, the former is more
Good embodiment.Based on this understanding, technical solution of the present invention substantially in other words contributes to the prior art
Part can be embodied in the form of software products, which is stored in a storage medium, if including
Dry instruction is used so that a computer equipment (can be personal computer, server or the network equipment etc.) executes this hair
Method described in bright each embodiment.It will be appreciated by those skilled in the art that attached drawing is the schematic diagram of a preferred embodiment,
Module or process in attached drawing are not necessarily implemented necessary to the present invention.It will be appreciated by those skilled in the art that in embodiment
Device in module can according to embodiment describe be distributed in the device of embodiment, corresponding change position can also be carried out
In the one or more devices for being different from the present embodiment.The module of above-described embodiment can be merged into a module, can also be with
It is further split into multiple submodule.The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.With
Upper disclosed several specific embodiments only of the invention, still, the present invention is not limited to this, any those skilled in the art
Member can think of variation should all fall into protection scope of the present invention.
Claims (6)
1. a kind of management method of key pair, it is virtually privately owned that this method is applied to the group domain including master secret server KS and standby KS
In network G D VPN, which is characterized in that the described method comprises the following steps:
The main KS obtains first key pair, superfluous first in first key to adding the first key pair in Simultaneous Load
The first key is added in remaining backup protocol message to Simultaneous Load, and the first redundancy backup protocol massages are sent to
Standby KS;The first key is to including the first public key and the first private key;
The main KS regularly updates key pair, obtains updated second key pair;
The main KS adds second key pair in the second key pair Simultaneous Load, in the second redundancy backup protocol massages
The second key pair Simultaneous Load is added, and the second redundancy backup protocol massages are sent to the standby KS;Wherein, institute
Stating the second key pair includes the second public key and the second private key;
Main KS addition public key in updating Rekey message updates load, and updates in load described in addition in the public key
Second public key;The main KS sends the Rekey message for carrying second public key to GM, so that the GM is reported from the Rekey
Second public key is got in text, and currently used public key is updated to the second public key in the public key update load.
2. the method as described in claim 1, which is characterized in that regularly update key pair in the main KS, obtain updated
After second key pair, the method further includes:
The main KS sends offline notification message to group membership GM, so that the GM is offline and again standby to the main KS or described
KS registration;
When the GM is registered to the main KS again, second public key is sent to the GM by the main KS, so that described
Currently used public key is updated to second public key by GM.
3. the method as described in claim 1, which is characterized in that the method further includes:
The main KS signs to second public key using the private key for obtaining using before second key pair, and in institute
It states in public key update load and adds the signature, so that the GM is when receiving the Rekey message, it is upper current using this GM
Currently used public key is then updated to by the signature that public key described in the public key verifications used updates in load if the verification passes
The public key updates the second public key in load.
4. a kind of master secret server KS, applied to include the main KS and standby KS group domain virtual private networks GD VPN in,
It is characterized in that, the main KS is specifically included:
Module is obtained, for obtaining first key pair, and key pair is regularly updated, obtains updated second key pair;Wherein,
The first key specifically includes the second public key and second to the first public key and the first private key, second key pair is specifically included
Private key;
Sending module, for adding the first key pair in Simultaneous Load, and being assisted in the first redundancy backup in first key
The first key is added to Simultaneous Load in view message, and the first redundancy backup protocol massages is sent to described standby
KS;And second key pair is added in the second key pair Simultaneous Load, and add in the second redundancy backup protocol massages
Add the second key pair Simultaneous Load, and the second redundancy backup protocol massages are sent to the standby KS;
The sending module is also used to regularly updating key pair, after obtaining updated second key pair, is updating
Public key is added in Rekey message and updates load, and is updated in load in the public key and added second public key;It is taken to GM transmission
Rekey message with second public key will work as so that the GM gets second public key from the Rekey message
The preceding public key used is updated to the second public key in the public key update load.
5. main KS as claimed in claim 4, which is characterized in that
The sending module is also used to regularly updating key pair, after obtaining updated second key pair, to group membership GM
Offline notification message is sent, so that the GM is offline and registers again to the standby KS of the main KS or described;The GM again to
When the main KS is registered, second public key is sent to the GM, so that currently used public key is updated to institute by the GM
State the second public key.
6. main KS as claimed in claim 4, which is characterized in that
The sending module further carries out second public key using the private key for obtaining using before second key pair
Signature, and updated in load in the public key and add the signature, so that the GM is when receiving the Rekey message, it is sharp
The signature that the public key described in the upper currently used public key verifications of this GM updates in load if the verification passes then will be currently used
Public key be updated to the public key and update the second public key in load.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510149815.0A CN104796251B (en) | 2015-03-31 | 2015-03-31 | A kind of management method and equipment of key pair |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510149815.0A CN104796251B (en) | 2015-03-31 | 2015-03-31 | A kind of management method and equipment of key pair |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104796251A CN104796251A (en) | 2015-07-22 |
CN104796251B true CN104796251B (en) | 2019-06-07 |
Family
ID=53560784
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510149815.0A Active CN104796251B (en) | 2015-03-31 | 2015-03-31 | A kind of management method and equipment of key pair |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104796251B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106255103A (en) * | 2016-07-29 | 2016-12-21 | 华为技术有限公司 | A kind of method of data synchronization and equipment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7827262B2 (en) * | 2005-07-14 | 2010-11-02 | Cisco Technology, Inc. | Approach for managing state information by a group of servers that services a group of clients |
CN102904901A (en) * | 2012-10-29 | 2013-01-30 | 杭州华三通信技术有限公司 | Method for synchronizing IPsec SA, group member and group secret server |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7362868B2 (en) * | 2000-10-20 | 2008-04-22 | Eruces, Inc. | Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data |
US8300831B2 (en) * | 2010-04-26 | 2012-10-30 | International Business Machines Corporation | Redundant key server encryption environment |
-
2015
- 2015-03-31 CN CN201510149815.0A patent/CN104796251B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7827262B2 (en) * | 2005-07-14 | 2010-11-02 | Cisco Technology, Inc. | Approach for managing state information by a group of servers that services a group of clients |
CN102904901A (en) * | 2012-10-29 | 2013-01-30 | 杭州华三通信技术有限公司 | Method for synchronizing IPsec SA, group member and group secret server |
Also Published As
Publication number | Publication date |
---|---|
CN104796251A (en) | 2015-07-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20240113877A1 (en) | Blockchain-implemented method and system | |
KR101936080B1 (en) | Ksi-based authentication and communication method for secure smart home environment and system therefor | |
CN109257182B (en) | Privacy protection method based on homomorphic cryptography commitment and zero knowledge range certification | |
CN103118027B (en) | The method of TLS passage is set up based on the close algorithm of state | |
CN110943957B (en) | Safety communication system and method for vehicle intranet | |
CN105871538B (en) | Quantum key distribution system, quantum key delivering method and device | |
CN103621126B (en) | The method and apparatus that machine to machine service is provided | |
CN103338215B (en) | The method setting up TLS passage based on the close algorithm of state | |
CN114730420A (en) | System and method for generating signatures | |
CN101409619B (en) | Flash memory card and method for implementing virtual special network key exchange | |
CN105721153B (en) | Key exchange system and method based on authentication information | |
CN105873031A (en) | Authentication and key negotiation method of distributed unmanned aerial vehicle based on trusted platform | |
CN103959735A (en) | Systems and methods for providing secure multicast intra-cluster communication | |
US20190394029A1 (en) | Authenticating Secure Channel Establishment Messages Based on Shared-Secret | |
DE112019001441T5 (en) | FORGETTABLE PSEUDO ACCIDENT FUNCTION IN A KEY MANAGEMENT SYSTEM | |
CN106130716A (en) | Cipher key exchange system based on authentication information and method | |
CN106341232A (en) | Anonymous entity identification method based on password | |
CN111756530B (en) | Quantum service mobile engine system, network architecture and related equipment | |
CN109474613A (en) | A kind of Expressway Information publication private network security hardened system of identity-based certification | |
CN103634788A (en) | Certificateless multi-proxy signcryption method with forward secrecy | |
CN109587100A (en) | A kind of cloud computing platform user authentication process method and system | |
CN106060073A (en) | Channel key negotiation method | |
CN113411187A (en) | Identity authentication method and system, storage medium and processor | |
Elemam et al. | Formal verification for a PMQTT protocol | |
CN116527279A (en) | Verifiable federal learning device and method for secure data aggregation in industrial control network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant after: Xinhua three Technology Co., Ltd. Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant before: Huasan Communication Technology Co., Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |