CN107395349A - A kind of block chain network cryptographic key distribution method based on self-certified public key system - Google Patents

Abstract

The invention discloses a kind of block chain network cryptographic key distribution method based on self-certified public key system, comprise the following steps：（1）System initialization, TA nodes produce and announce respective block chain network systematic parameter, then complete the distribution of block catenary system master key by multiple KDC node cooperations；（2）The user's registration of block chain is carried out, the user node u for participating in block chain business network first has to carry out offline registration at TA nodes, audits its identity by TA nodes and issues registration voucher；（3）Block chain user key is distributed, multiple distributed key distribution center nodes transmission key request of the user node into network, after KDC's checking request, distributes corresponding user key to the user node.The invention provides safer and more flexible Key Issuance mechanism, the block chain business operation for safety provides Cryptographic Assurance About, is adapted to the block chain network participated in large-scale consumer node, and have stronger exploitativeness.

Description

A kind of block chain network cryptographic key distribution method based on self-certified public key system

Technical field

The present invention relates to netkey administrative skill field, more particularly to a kind of block chain based on self-certified public key system Netkey distribution method.

Background technology

Block chain is the core support technology using bit coin as the digital encryption currency system of representative.The core of block chain technology Heart advantage is decentralization, can be encrypted, the means such as timestamp, distributed common recognition and economic incentives, saved by maintenance data The point-to-point transaction based on decentralization credit, coordination are realized in the distributed system that point need not trust each other with cooperating, so as to Solution is provided to solve the problems such as high cost of centralization mechanism generally existing, poor efficiency and data storage are dangerous.

With the fast development of bit coin in recent years and popularization, research and the application of block chain technology also show explosion type Growing trend, it is considered to be the 5th top of normal form is calculated after large scale computer, PC, internet, movement/social networks Formula innovation is covered, is the 4th mileage on mankind's credit evolutionary history after blood relation's credit, noble metal credit, Central Bank's paper credit Upright stone tablet.Blank of the block chain technology as cloud computing of future generation, it will be expected to as internet thoroughly remold human social activity's shape State, and realize the transformation from current information interconnected network to value internet.

Block chain technology originates from 2008, not yet forms the generally acknowledged block chain definition of industry at present.For narrow sense, block Chain be it is a kind of data block is combined into specific data structure in a manner of chain sequentially in time, and protected in a manner of cryptography General ledger (Decentralized shared ledger), Neng Gouan are shared in the decentralization that can not be distorted He can not forge of card It is complete to store data simple, having precedence relationship, being verified in system.

The block chain technology of broad sense is verified with data storage, saved using distribution using chain type block structure is encrypted Point common recognition algorithm programs one kind with operation data to generate and update the data, using automatized script code (intelligent contract) Brand-new decentralization architecture and Distributed Calculation normal form.

Block chain has the characteristics that decentralization, time series data, collective's maintenance, programmable and secure and trusted.Go first Centralization：The processes such as checking, book keeping operation, storage, maintenance and the transmission of block chain data are all based on distributed system architecture, use Pure mathematical method rather than central authority establish the trusting relationship between distributed node, so as to form the trusted of decentralization Distributed system；Next to that time series data：Block chain use with timestamp chain type block structure data storage, so as to for Data add time dimension, have extremely strong verifiability and trackability；3rd is that collective safeguards：Block catenary system uses Specific economic limit water cut ensures that all nodes in distributed system each may participate in verification process (such as bit of data block The digging ore deposit process of coin), and select specific node that new block is added into block chain by knowing together algorithm；4th is to compile Journey：Block chain technology can provide flexible scripted code system, support user create advanced intelligent contract, currency or other go Centralization application.For example, ether mill (Ethereum) platform is to provide the figure complete script of spirit so that user builds It is any can be with the intelligent contract or type of transaction of explication；It is finally secure and trusted：Block chain technology uses asymmetric cryptography Learn principle data are encrypted, while the common recognition algorithm formation such as proof of work by each node of distributed system is powerful Calculation power is to resist external attack, guarantee block chain data can not distort and can not forge, thus has higher security.

It is, in general, that block catenary system is made up of data Layer, Internet, common recognition layer, excitation layer, contract layer and application layer. Wherein, data Layer encapsulates the technologies such as data encryption and the timestamp of bottom data block and correlation；Internet then includes dividing Cloth networking mechanism, data dissemination mechanism and data authentication mechanism etc.；All kinds of common recognitions of common recognition layer predominant package network node are calculated Method；Economic factor is integrated into block chain technical system by excitation layer, main issuing mechanism and distribution including economic incentives Mechanism etc.；All kinds of scripts of contract layer predominant package, algorithm and intelligent contract, it is the basis of block chain programmable features；Application layer Then encapsulate the various application scenarios and case of block chain.Chain type block structure, the common recognition of distributed node based on timestamp The intelligent contract of mechanism, the economic incentives based on common recognition calculation power and flexible programmable is the most representational innovation of block chain technology Point.

At present, security threat is the sixty-four dollar question that block chain is faced so far, the secret protection of block chain There is also security risks.Each node is not full energy matries in block catenary system, but passes through the ground of similar e-mail address Sender is required for transaction when location identifies (such as bit coin public key address) to realize transmission of transaction data, while merchandise every time Information is signed, and recipient needs to carry out sign test after receiving Transaction Information, to prove the credibility of transaction business, prevents falseness Business is spread unchecked, while in order to adapt to the needs of different transaction scenes, block chain business needs to enter on the basis of safeguard protection Industry business is evolved, such as encrypted transaction message, multiple party signatures etc., and these safety services are required for using one or more correlations Privacy key, and then the distribution or generation of key need a reliable key management mechanism.

The content of the invention

To solve existing technical problem, the embodiment of the present invention provides a kind of block based on self-certified public key system Chain network cryptographic key distribution method, it is safe, flexible, and can preferably be embedded into existing block chain operation system, reduces Implementation cost, there is stronger exploitativeness.

To reach above-mentioned purpose, what the technical scheme of the embodiment of the present invention was realized in：

A kind of block chain network cryptographic key distribution method based on self-certified public key system, comprises the following steps：

Step 1, system initialization

TA nodes produce and announce respective block chain network systematic parameter, then complete area by multiple KDC node cooperations The distribution of block catenary system master key；

Step 2, the user's registration for carrying out block chain

The user node u for participating in block chain business network first has to carry out offline registration at TA nodes, is examined by TA nodes Its identity of core simultaneously issues registration voucher；

Step 3, the distribution of block chain user key

Multiple distributed key distribution center nodes of the user node into network send key request, KDC After checking request, distribute corresponding user key to the user node.

Further, step 1 specifically includes：

Step 10, block catenary system parameter are established

Define the security system parameter needed for the key distribution mechanism of whole block chain network；

Step 11, the distribution of block catenary system master key

First, n KDC node generates system master key s by distributed collaborative, and then each KDC nodes calculate itself Secret shadow.

Further, step 11 specifically comprises the following steps：

Step 110, each KDC node is (i=1,2 ..., n) one secret (t-1) rank multinomial of construction：

f_i(x)=d_i+a_i,1x+a_i,2x²+…+a_i,t-1x^t-1(mod q) (2)

Wherein, a_i,j∈Z_q ^*(j=1,2 ..., t-1)；Then calculate and announce the public key P of itself_i=d_iP；

Step 111, KDC node is calculate and safely send the sub-secret share s of other KDC nodes j (j ≠ i)_i,j=f_i (j), then calculate and send corresponding experimental evidence V_i,0=d_iP, V_i,j=a_i,jP (j=1,2 ..., t-1)；

Step 112 ,] KDC nodes j receives the sub-secret share s from KDC node is_i,jAnd after experimental evidence, utilize formula (3) its validity is verified；

It is effective then receive, otherwise distribute again.

Further, step 2 specifically comprises the following steps：

Step 20, user u select a secret random number w_u∈Z_q ^*, calculate evidence W_u=w_uP, then by { ID_u、W_uCarry Give TA nodes；

After step 21, TA nodes receive user u log-on message, if auditing its identity not by refusal user u；Otherwise Calculate user u registration voucher Cer_u=d_TAV_u, wherein, V_u=H₀(ID_u||ID_TA||T_u,W_u), T_uTo register voucher Cer_uConjunction The method time limit；Then by { Cer_u、T_uIt is sent to user u；

After step 22, user u receive the registration voucher of TA nodes return, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and Utilize the public key P of TA nodes_TARegistration voucher Cer is verified by formula (4)_uValidity；

It is verified and then receives registration voucher Cer_u, otherwise re-register.

Further, step 3 specifically comprises the following steps：

Step 30, user u select t secret random number k_i∈_RZ_q ^*；CalculateWith r=kP；Then auxiliary is calculated Key K_ui=H₁(w_uP_i), auxiliary information Y_ui=K_ui⊕k_iAnd authentication information R_ui=H_Kui(Y_ui)；Then by { ID_u、ID_TA、T_u、 W_u、Cer_u、r、Y_ui、R_uiIt is sent to node KDC_i(i=1,2 ..., t)；

Step 31, node KDC_iAfter the cipher key request information for receiving user u, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and Checking registration voucher Cer_uLegitimacy；Then K is calculated_ui'=H₁(d_iW_u) and R_ui'=H_Kui'(Y_ui), and verified by formula (5) Y_uiValidity；

It is above-mentioned be verified after, receive user u request, otherwise refuse；

Step 32, user u receive node KDC_iAfter the signing messages of transmission, S is calculated_ui'=H_Kui(E_ui), and pass through formula (7) Verify E_uiValidity；

Then signature e is recovered_i=K_ui⊕E_ui, calculate X_i=r_ir_x+e_iP simultaneously utilizes node KDC_iPublic key P_iAnd open letter Cease s_j,iP (j=t+1 ..., n) pass through formula (8) checking signature e_iValidity；

After being verified, receive signature e_i, otherwise resubmit key request.

The beneficial effect of technical scheme provided in an embodiment of the present invention is：

Block chain network cryptographic key distribution method of the invention based on self-certified public key system provides safer and more flexible Key Issuance mechanism, for safety block chain business operation Cryptographic Assurance About is provided, be adapted to have large-scale consumer node participation Block chain network, such as alliance's block chain and publicly-owned block chain, on the premise of large-scale redevelopment system is not needed, the present invention Key distribution function can preferably be embedded into existing block chain operation system, reduce implementation cost, have it is stronger Exploitativeness.

Brief description of the drawings

In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this Some embodiments of invention, for those of ordinary skill in the art, without having to pay creative labor, may be used also To obtain other accompanying drawings according to these accompanying drawings.

Fig. 1 is the block catenary system management structure without complete trusted key Distribution Center；

Fig. 2 is that have 5 block catenary system master key distribution procedure schematic diagrames without complete trusted key Distribution Center；

Fig. 3 is the block chain key distribution overall process schematic diagram of the present invention；

Fig. 4 is the block chain cipher key user registration process of the present invention；

Fig. 5 A are the block chain key request process schematics of the present invention；

Fig. 5 B are the block chain key distribution procedure schematic diagrames of the present invention.

Embodiment

To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing to embodiment party of the present invention Formula is described in further detail.

, it is necessary to dispose trusted party or private key generation center (private key in key managing project Generator, PKG) carry out the private key of dispatch user or the identity of certification user, block chain network are no exception.Fig. 1 show nothing The block catenary system management structure of complete trusted key Distribution Center, Fig. 2 are that prior art has 5 without complete trusted key point The block catenary system master key distribution procedure schematic diagram at hair center, it is assumed that block chain network is made up of N number of node, is designated as U= { ID1, ID2 ..., IDN }, IDi (1≤i≤N) represent i-th of user, TA or KDC nodes globally unique identity in a network Mark.The present invention carries out the function of single PKG nodes decentralized distributed treatment, by n KDC (key Distribution center, KDC) node and trusted authority mechanism (trusted authority, a TA) node on behalf of Perform, so as to avoid block catenary system from only relying upon the problem of single PKG nodes are also easy to produce single point failure, and mitigate single The burden of PKG nodes.

Shown in reference picture 3, the block chain network cryptographic key distribution method of the invention based on self-certified public key system includes as follows Step：

Step 1, system initialization

First, TA nodes produce and announce respective block chain network systematic parameter, then by multiple KDC node cooperations Lai complete Into the distribution of block catenary system master key, and after the completion of initialization, TA nodes will be in offline (off-line) state.This hair Bright is in embodiment, it is assumed that the node that the distribution of system master key is participated in block chain network is n (1≤n≤N) individual KDC nodes, its Threshold value is t (t≤n≤2t-1).

Specifically, the system initialization comprises the following steps：

Step 10, block catenary system parameter are established；

Systematic parameter establishes the safety that process is used mainly to define needed for the key distribution mechanism of whole block chain network System parameter.

First, TA joint structures meet the Bilinear map ê of GDH (gap Diffie-Hellman) group property:G1×G1→ G2.The generation point that P is group G1 is made, while constructs the one-way hash function of lower big powers impact resistant：

H0:{0,1}*×G1*→G1*；

H1:G1*→Zq*；

H2:{0,1}*×G1*→Zq*；

Hk:{ 0,1 } * → Zq*,

Wherein k is auxiliary key；

Then randomly choose n secret number di ∈ Zq* and be securely distributed to corresponding KDC node is (i=1,2 ..., n)；System public key is calculated by formula (1) again

Then, the private key dTA ∈ Zq* of itself are randomly choosed, and calculate public key PTA=dTAP；Then delete all secret Close several di (i=1,2 ..., n) simultaneously announce block catenary system parameter { G1, G2, ê, P, Ppub, PTA, H0, H1, H2, Hk }.

Step 11, the distribution of block catenary system master key

System master key distribution procedure is mainly used in when block chain business network is established, and the master for initializing whole system is close Key (public/private keys to), got ready for the distribution of follow-up key, the master key of whole system equivalent to system root key, The whole network is credible, when can be used for follow-up block chain network operation, verifies the user key distributed in network.

First, n KDC node generates system master key s by distributed collaborative, and then each KDC nodes calculate itself (on master key s's) secret shadow, specific distributing step is as follows：

Step 110, each KDC node is (i=1,2 ..., n) one secret (t-1) rank multinomial of construction：

f_i(x)=d_i+a_i,1x+a_i,2x²+…+a_i,t-1x^t-1(mod q) (2)

Wherein, a_i,j∈Z_q ^*(j=1,2 ..., t-1)；Then calculate and announce the public key P of itself_i=d_iP。

Step 111, KDC node is calculate and safely send the sub-secret share s of other KDC nodes j (j ≠ i)_i,j=f_i (j), then calculate and send corresponding experimental evidence V_i,0=d_iP, V_i,j=a_i,jP (j=1,2 ..., t-1).

Step 112 ,] KDC nodes j receives the sub-secret share s from KDC node is_i,jAnd after experimental evidence, utilize formula (3) its validity is verified.

It is effective then receive, otherwise distribute again, receive all other n-1 sub- secret shadow s_i,jAfter (j ≠ i), institute is preserved There is sub-secret share and announce s_i,jP；Finally, the sub-secret share s of itself is combined_j,jCalculate the secret shadow of itself

By said process, system safely establishes master key s, moreover, according to any t secret shadow s_iJust can weight Structure goes out system master keySystem public key P_pub=sP.

Step 2, the user's registration for carrying out block chain

User registration course is mainly used in auditing the identity information of user node, only true enough and satisfactory section Point could add block chain network, and after auditing user node identity, system can issue a registration voucher, for subsequently participating in net The behavior checking of network activity, this process can be carried out in a manner of online or be offline.

Shown in reference picture 4, before dispatch user key, it is intended to participate in user node u (its body of block chain business network Part is identified as IDu) TA nodes (its identity is IDTA) place progress offline registration is first had to, its identity is audited by TA nodes And issue registration voucher.Comprise the following steps that：

Step 20, user u select a secret random number w_u∈Z_q ^*, calculate evidence W_u=w_uP, then by { ID_u、W_uCarry Give TA nodes；

After step 21, TA nodes receive user u log-on message, if auditing its identity not by refusal user u；Otherwise Calculate user u registration voucher Cer_u=d_TAV_u, wherein, V_u=H₀(ID_u||ID_TA||T_u,W_u), T_uTo register voucher Cer_uConjunction The method time limit；Then by { Cer_u、T_uIt is sent to user u；

After step 22, user u receive the registration voucher of TA nodes return, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and Utilize the public key P of TA nodes_TARegistration voucher Cer is verified by formula (4)_uValidity.

It is verified and then receives registration voucher Cer_u, otherwise re-register.

Step 3, the distribution of block chain user key

User key distribution procedure is mainly used in (asymmetric close to participate in the user node of block chain network distribution key Key, public/private keys to), multiple distributed key distribution center nodes of the user node into network send key request, key After Distribution Center's checking request, distribute corresponding user key (public/private keys to) to the user node.Key distribution function by Multiple block chain network entities are taken on jointly, the problem of can avoiding single point failure.

In order to obtain private key SK_u, user u needs to select t KDC node and to submit key request, assumes in the present embodiment The t KDC node chosen is node KDC_i, its public key is P_i(i=1,2 ..., t).Specific distributing step is as follows：

Step 30, user u select t secret random number k_i∈_RZ_q ^*；CalculateAnd r=kP；Then calculate auxiliary Help key K_ui=H₁(w_uP_i), auxiliary information Y_ui=K_ui⊕k_iAnd authentication information R_ui=H_Kui(Y_ui)；Then by { ID_u、ID_TA、 T_u、W_u、Cer_u、r、Y_ui、R_uiIt is sent to node KDC_i(i=1,2 ..., t)；

Step 31, node KDC_iAfter the cipher key request information for receiving user u, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and Registration voucher Cer is verified by formula (4)_uLegitimacy；Then K is calculated_ui'=H₁(d_iW_u) and R_ui'=H_Kui'(Y_ui), and pass through Formula (5) verifies Y_uiValidity.

It is above-mentioned be verified after, receive user u request, otherwise refuse.Then k is calculated_i=K_ui'⊕Y_uiWith signature e_i。

Wherein, r_xFor coordinates of the point r in x-axis；Further, auxiliary information E is calculated_ui=K_ui'⊕e_iAnd authentication information S_ui=H_Kui'(E_ui)；Then by { E_ui、S_uiIt is sent to user u；

Step 32, user u receive node KDC_iAfter the signing messages of transmission, S is calculated_ui'=H_Kui(E_ui), and pass through formula (7) Verify E_uiValidity.

Then signature e is recovered_i=K_ui⊕E_ui, calculate X_i=r_ir_x+e_iP simultaneously utilizes node KDC_iPublic key P_iAnd open letter Cease s_j,iP (j=t+1 ..., n) pass through formula (8) checking signature e_iValidity.

It is above-mentioned be verified after, receive signature e_i, otherwise resubmit key request.Receive t effective signature e_iAfterwards, CalculateAnd private key SK is calculated by formula (9)_u。

SK_u=w_u+e+k (9)

Further, E=eP is calculated, and generates the public key PK of itself_u={ W_u, E, r }, followed by block chain network system Unite public key P_pubIts validity is verified by formula (10).

Or utilize the private key SK of itself_uIt is verified by formula (11).

SK_uP=W_u+E+r (11)

It is above-mentioned be verified after, show public key PK_u={ W_u, E, r } and it is effective, otherwise recalculate public key PK_u。

By said process, block chain user u can obtain the believable public/private keys of the whole network in the block catenary system of oneself To { PK_u, SK_u}.Key needed for follow-up other subsystems can be block chain business system by this key to further expanding System provides support.

In the embodiment of the present invention, the key distributed is unsymmetrical key, can be that subsequent zone block chain service communication uses, For example, generate wallet account etc. and make basis.

Block chain key request process and key distribution when Fig. 5 A, Fig. 5 B is are (n, t)=(5,3) with thresholding t=3 Process schematic.In Fig. 5 A, user node transmits key distribution request message to KDC nodes, calculates auxiliary information, authentication information Deng being sent to node KDC_i(i=0,1,2 ..., 4).Fig. 5 B are that KDC nodes transmit key generation message, section to user node Point KDC_iAfter the cipher key request information for receiving user, by calculating, checking, user is then sent to.

In step 3, distribute use by the registration evidence of user and based on the group signature method of elliptic curve cryptosystem Family private key, because single KDC is merely able to generating portion private key for user, even if multiple KDCs combine To crack, the complete private key of user can not be also obtained, overcomes key escrow present in identity-based cipher key scheme.Separately Outside, the public key of distribution has Self-certified, realizes client public key and signature verification in logic single step while completes.

The embodiment of the present invention by introducing Identity- based cryptography, threshold cryptography model and Bilinear map mechanism, and Use for reference self-certified public key concept and group ranking thought, for block chain network provide one newly based on self-certified public key system The thresholding cryptographic key distribution method without complete trusted key Distribution Center.In the present embodiment, PKG is common by multiple network entities Take on, avoid single point failure problem；And system master key is protected using threshold cryptography model, system has well fault-tolerant Property；In addition, by the registration evidence of user and based on the group signature method of elliptic curve cryptosystem come dispatch user private key, by In being merely able to generating portion private key for user, even if multiple KDCs join together to crack, the complete of user can not be also obtained Whole private key, overcome key escrow present in IBC schemes.Meanwhile the public key of the inventive method generation has Self-certified Property, client public key and signature verification are realized in logic single step while are completed；In key distribution procedure, centre can be resisted The various attacks such as people's attack, identity personation, the confederate crack, message-replay and passive wiretapping；Be effectively saved computing resource and Network bandwidth.

It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or computer program Product.Therefore, the shape of the embodiment in terms of the present invention can use hardware embodiment, software implementation or combination software and hardware Formula.Moreover, the present invention can use the computer for wherein including computer usable program code in one or more to use storage The form for the computer program product that medium is implemented on (including but is not limited to magnetic disk storage and optical memory etc.).

The present invention is the flow with reference to method according to embodiments of the present invention, equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that can be by every first-class in computer program instructions implementation process figure and/or block diagram Journey and/or the flow in square frame and flow chart and/or block diagram and/or the combination of square frame.These computer programs can be provided The processors of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce A raw machine so that produced by the instruction of computer or the computing device of other programmable data processing devices for real The device for the function of being specified in present one flow of flow chart or one square frame of multiple flows and/or block diagram or multiple square frames.

These computer program instructions, which may be alternatively stored in, can guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works so that the instruction being stored in the computer-readable memory, which produces, to be included referring to Make the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one square frame of block diagram or The function of being specified in multiple square frames.

These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented processing, so as in computer or The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in individual square frame or multiple square frames.

The all or part of above-mentioned technical proposal provided in an embodiment of the present invention can pass through the related hardware of programmed instruction To complete, described program can be stored in the storage medium that can be read, and the storage medium includes：ROM, RAM, magnetic disc or light Disk etc. is various can be with the medium of store program codes.

The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all the present invention spirit and Within principle, any modification, equivalent substitution and improvements made etc., it should be included in the scope of the protection.

Claims (5)

1. a kind of block chain network cryptographic key distribution method based on self-certified public key system, it is characterised in that comprise the following steps：

Step 1, system initialization

TA nodes produce and announce respective block chain network systematic parameter, then complete block chain by multiple KDC node cooperations The distribution of system master key；

Step 2, the user's registration for carrying out block chain

The user node u for participating in block chain business network is first had to carry out offline registration at TA nodes, and it is audited by TA nodes Identity simultaneously issues registration voucher；

Step 3, the distribution of block chain user key

Multiple distributed key distribution center nodes of the user node into network send key request, KDC's checking After request, distribute corresponding user key to the user node.

2. the block chain network cryptographic key distribution method according to claim 1 based on self-certified public key system, its feature exist In step 1 specifically includes：

Step 10, block catenary system parameter are established

Define the security system parameter needed for the key distribution mechanism of whole block chain network；

Step 11, the distribution of block catenary system master key

First, n KDC node generates system master key s by distributed collaborative, and then each KDC nodes calculate the secret of itself Close share.

3. the block chain network cryptographic key distribution method according to claim 2 based on self-certified public key system, its feature exist In step 11 specifically comprises the following steps：

Step 110, each KDC node is (i=1,2 ..., n) one secret (t-1) rank multinomial of construction：

f_i(x)=d_i+a_i,1x+a_i,2x²+…+a_i,t-1x^t-1(mod q) (2)

Wherein, a_i,j∈Z_q ^*(j=1,2 ..., t-1)；Then calculate and announce the public key P of itself_i=d_iP；

Step 111, KDC node is calculate and safely send the sub-secret share s of other KDC nodes j (j ≠ i)_i,j=f_i(j), Then calculate and send corresponding experimental evidence V_i,0=d_iP, V_i,j=a_i,jP (j=1,2 ..., t-1)；

Step 112 ,] KDC nodes j receives the sub-secret share s from KDC node is_i,jAnd after experimental evidence, tested using formula (3) Demonstrate,prove its validity；

<mrow> <msub> <mi>s</mi> <mrow> <mi>i</mi> <mo>,</mo> <mi>j</mi> </mrow> </msub> <mi>P</mi> <mover> <mo>=</mo> <mo>?</mo> </mover> <msub> <mi>V</mi> <mrow> <mi>i</mi> <mo>,</mo> <mn>0</mn> </mrow> </msub> <mo>+</mo> <msubsup> <mo>&amp;Sigma;</mo> <mrow> <mi>k</mi> <mo>=</mo> <mn>1</mn> </mrow> <mrow> <mi>t</mi> <mo>-</mo> <mn>1</mn> </mrow> </msubsup> <msup> <mi>j</mi> <mi>k</mi> </msup> <msub> <mi>V</mi> <mrow> <mi>i</mi> <mo>,</mo> <mi>k</mi> </mrow> </msub> <mo>-</mo> <mo>-</mo> <mo>-</mo> <mrow> <mo>(</mo> <mn>3</mn> <mo>)</mo> </mrow> </mrow>

It is effective then receive, otherwise distribute again.

4. the block chain network cryptographic key distribution method according to claim 3 based on self-certified public key system, its feature exist In step 2 specifically comprises the following steps：

Step 20, user u select a secret random number w_u∈Z_q ^*, calculate evidence W_u=w_uP, then by { ID_u、W_uSubmit to TA Node；

After step 21, TA nodes receive user u log-on message, if auditing its identity not by refusal user u；Otherwise calculate User u registration voucher Cer_u=d_TAV_u, wherein, V_u=H₀(ID_u||ID_TA||T_u,W_u), T_uTo register voucher Cer_uThe legal phase Limit；Then by { Cer_u、T_uIt is sent to user u；

After step 22, user u receive the registration voucher of TA nodes return, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and utilize TA The public key P of node_TARegistration voucher Cer is verified by formula (4)_uValidity；

<mrow> <mover> <mi>e</mi> <mo>^</mo> </mover> <mrow> <mo>(</mo> <msub> <mi>Cer</mi> <mi>u</mi> </msub> <mo>,</mo> <mi>P</mi> <mo>)</mo> </mrow> <mover> <mo>=</mo> <mo>?</mo> </mover> <mover> <mi>e</mi> <mo>^</mo> </mover> <mrow> <mo>(</mo> <msub> <mi>V</mi> <mi>u</mi> </msub> <mo>,</mo> <msub> <mi>P</mi> <mrow> <mi>T</mi> <mi>A</mi> </mrow> </msub> <mo>)</mo> </mrow> <mo>-</mo> <mo>-</mo> <mo>-</mo> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> </mrow>

It is verified and then receives registration voucher Cer_u, otherwise re-register.

5. the block chain network cryptographic key distribution method according to claim 4 based on self-certified public key system, its feature exist In step 3 specifically comprises the following steps：

Step 30, user u select t secret random number k_i∈_RZ_q ^*；CalculateAnd r=kP；Then it is close to calculate auxiliary Key K_ui=H₁(w_uP_i), auxiliary informationAnd authentication information R_ui=H_Kui(Y_ui)；Then by { ID_u、ID_TA、T_u、 W_u、Cer_u、r、Y_ui、R_uiIt is sent to node KDC_i(i=1,2 ..., t)；

Step 31, node KDC_iAfter the cipher key request information for receiving user u, V is calculated_u=H₀(ID_u||ID_TA||T_u,W_u), and verify Register voucher Cer_uLegitimacy；Then K is calculated_ui'=H₁(d_iW_u) and R_ui'=H_Kui'(Y_ui), and Y is verified by formula (5)_ui's Validity；

<mrow> <msub> <mi>R</mi> <mrow> <mi>u</mi> <mi>i</mi> </mrow> </msub> <mover> <mo>=</mo> <mo>?</mo> </mover> <msup> <msub> <mi>R</mi> <mrow> <mi>u</mi> <mi>i</mi> </mrow> </msub> <mo>&amp;prime;</mo> </msup> <mo>-</mo> <mo>-</mo> <mo>-</mo> <mrow> <mo>(</mo> <mn>5</mn> <mo>)</mo> </mrow> </mrow>

It is above-mentioned be verified after, receive user u request, otherwise refuse；

Step 32, user u receive node KDC_iAfter the signing messages of transmission, S is calculated_ui'=H_Kui(E_ui), and verified by formula (7) E_uiValidity；

<mrow> <msub> <mi>S</mi> <mrow> <mi>u</mi> <mi>i</mi> </mrow> </msub> <mover> <mo>=</mo> <mo>?</mo> </mover> <msup> <msub> <mi>S</mi> <mrow> <mi>u</mi> <mi>i</mi> </mrow> </msub> <mo>&amp;prime;</mo> </msup> <mo>-</mo> <mo>-</mo> <mo>-</mo> <mrow> <mo>(</mo> <mn>7</mn> <mo>)</mo> </mrow> </mrow>

Then signature is recoveredCalculate X_i=r_ir_x+e_iP simultaneously utilizes node KDC_iPublic key P_iAnd public information s_j,iP (j=t+1 ..., n) pass through formula (8) checking signature e_iValidity；

<mrow> <msub> <mi>H</mi> <mn>2</mn> </msub> <mrow> <mo>(</mo> <msub> <mi>ID</mi> <mi>u</mi> </msub> <mo>,</mo> <msub> <mi>W</mi> <mi>u</mi> </msub> <mo>)</mo> </mrow> <mo>&amp;lsqb;</mo> <msub> <mi>P</mi> <mi>i</mi> </msub> <mo>+</mo> <mrow> <mo>(</mo> <msubsup> <mo>&amp;Sigma;</mo> <mrow> <mi>j</mi> <mo>=</mo> <mi>t</mi> <mo>+</mo> <mn>1</mn> </mrow> <mi>n</mi> </msubsup> <msub> <mi>s</mi> <mrow> <mi>j</mi> <mo>,</mo> <mi>i</mi> </mrow> </msub> <msubsup> <mo>&amp;Pi;</mo> <mrow> <mi>k</mi> <mo>=</mo> <mn>1</mn> <mo>,</mo> <mi>k</mi> <mo>&amp;NotEqual;</mo> <mi>i</mi> </mrow> <mi>t</mi> </msubsup> <mfrac> <mi>k</mi> <mrow> <mi>k</mi> <mo>-</mo> <mi>i</mi> </mrow> </mfrac> <mo>)</mo> </mrow> <mi>P</mi> <mo>&amp;rsqb;</mo> <mover> <mo>=</mo> <mo>?</mo> </mover> <msub> <mi>X</mi> <mi>i</mi> </msub> <mo>-</mo> <mo>-</mo> <mo>-</mo> <mrow> <mo>(</mo> <mn>8</mn> <mo>)</mo> </mrow> </mrow>

After being verified, receive signature e_i, otherwise resubmit key request.