CN107682150B - A shared key establishment method suitable for computing-resource-asymmetric fields - Google Patents
- Publication number: CN107682150B
- Authority: CN (China)
- Prior art keywords: bob, alice, key, user, private key
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- G06F7/58—Random or pseudo-random number generators
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
Abstract
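The invention discloses a shared key establishment method suitable for computing-resource-asymmetric fields. It uses the knapsack problem and the discrete logarithm problem (including the elliptic curve discrete logarithm problem) to give a method for establishing a shared key. Its distinguishing feature is that the computing resources required by the two protocol parties are asymmetric, which greatly improves the implementation efficiency of one party. It is particularly suited to security applications such as the Internet of Things and cloud computing, where the server and the mobile terminal have asymmetric computing resources; in these fields it has advantages over traditional key exchange protocols such as the Diffie-Hellman key exchange protocol. The method provided by the invention can be widely applied in information security systems such as network security and e-commerce.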
Description
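Technical Field
The invention belongs to the field of information security technology, and in particular relates to a shared key establishment method suitable for computing-resource-asymmetric fields.
Background
To address the complexity of key management in symmetric cryptographic algorithms, in 1976 Diffie and Hellman proposed the idea of the "public-key cryptosystem" together with the Diffie-Hellman key exchange (key establishment) protocol, which solved the problem of transmitting keys over a public channel.
Traditional public-key cryptosystems have two shortcomings:
(1) Compared with symmetric ciphers, most public-key cryptosystems are designed around hard mathematical problems and are inefficient to implement;
(2) The algorithms themselves do not take differences in the implementation environment into account. For example, in the classic Diffie-Hellman key exchange protocol, both parties consume the same computing resources while running the protocol; that is, each must perform two large-integer modular exponentiations.
However, many current application fields, such as the Internet of Things and cloud computing, are characterized by asymmetric computing resources: the server side has strong computing resources, while the terminal has weak ones.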
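Summary of the Invention
In view of the technical problems above, the object of the invention is to provide a shared key establishment method suitable for computing-resource-asymmetric fields.
The technical solution adopted by the invention is a shared key establishment method suitable for computing-resource-asymmetric fields. Assuming the communicating parties are Bob and Alice, establishing the shared key between them comprises the following steps:
Step 1: set up the system;
Step 3: Alice sends $K_A$ to Bob over a public channel;
Step 7: after receiving $K_A$, Bob uses his private key $b$ to compute the shared key $K_{AB} = \left(\prod_{i \in S} y_i\right)^b$;
The invention has the following advantages and positive effects: the computing resources required by the two protocol parties are asymmetric, which greatly improves the implementation efficiency of one party. It is particularly suited to security applications such as the Internet of Things and cloud computing, where the server and the mobile terminal have asymmetric computing resources; in these fields it has advantages over traditional key exchange protocols such as the Diffie-Hellman key exchange protocol.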
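Brief Description of the Drawings
Figure 1 is a flowchart of an embodiment of the invention.
Detailed Description
To help those of ordinary skill in the art understand and implement the invention, it is described in further detail below with reference to the drawing and the embodiments. It should be understood that the embodiments described here serve only to illustrate and explain the invention and do not limit it.
Referring to Figure 1, the invention provides a shared key establishment method suitable for computing-resource-asymmetric fields. Assuming the communicating parties are Bob and Alice, establishing the shared key between them comprises the following steps:
Step 1: set up the system;
Step 3: Alice sends $K_A$ to Bob over a public channel;
Step 7: after receiving $K_A$, Bob uses his private key $b$ to compute the shared key $K_{AB} = \left(\prod_{i \in S} y_i\right)^b$;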
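The invention also provides a shared key establishment method suitable for computing-resource-asymmetric fields. Assuming the communicating parties are Bob and Alice, establishing the shared key between them comprises the following steps:
Step 1: set up the system;
Step 3: Alice sends $K_A$ to Bob over a public channel;
Step 5: Bob sends $K_B = \{b(x_1,y_1), \ldots, b(x_n,y_n)\}$ to Alice over a public channel;
Step 6: after receiving $K_B$, Alice uses her private key $S$ to compute the shared key $K_{BA} = \sum_{i \in S} b(x_i,y_i)$;
Step 7: after receiving $K_A$, Bob uses his private key $b$ to compute the shared key $K_{AB} = b\sum_{i \in S}(x_i,y_i)$;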
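Steps 3 and 5 to 7 of this second variant can be traced end to end in Python; this is an added example, not code from the patent. The toy curve, the way the public points are chosen, and the definition of K_A as the sum of the points indexed by S are assumptions, since the page's copy of the steps omits them (K_A is inferred from Bob's formula in step 7).

```python
import secrets

# Constructed toy parameters (assumptions, not from the patent): the textbook
# curve y^2 = x^3 + 2x + 2 over F_17, whose point group has prime order 19.
P, A, ORDER = 17, 2, 19
G = (5, 1)

def add(p1, p2):
    """Add two curve points; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def subset_sum(points, subset):
    acc = None
    for i in subset:
        acc = add(acc, points[i])
    return acc

def run_exchange(n=8, rng=secrets.SystemRandom()):
    # Assumed setup: n public points (x_i, y_i), here random multiples of G.
    pub = [mul(rng.randrange(1, ORDER), G) for _ in range(n)]
    # Assumed step: Alice's private key is an index subset S; K_A is its sum.
    S = [i for i in range(n) if rng.random() < 0.5] or [0]
    KA = subset_sum(pub, S)              # step 3: Alice -> Bob
    b = rng.randrange(1, ORDER)          # Bob's private scalar
    KB = [mul(b, pt) for pt in pub]      # step 5: Bob -> Alice
    K_BA = subset_sum(KB, S)             # step 6: Alice, point additions only
    K_AB = mul(b, KA)                    # step 7: Bob, one scalar multiplication
    return K_BA, K_AB
```

Alice's side never calls `mul`: she performs only point additions, while Bob carries the n + 1 scalar multiplications, which is the asymmetry the description claims.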
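It should be understood that the parts not described in detail in this specification belong to the prior art.
It should be understood that the detailed description of the preferred embodiments above is not to be regarded as limiting the scope of patent protection of the invention. Those of ordinary skill in the art, guided by the invention and without departing from the scope protected by its claims, may make substitutions or variations, all of which fall within the scope of protection of the invention. The scope of protection sought for the invention is defined by the appended claims.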
Claims (2)
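1. A shared key establishment method suitable for computing-resource-asymmetric fields, characterized in that, assuming the communicating parties are Bob and Alice, establishing the shared key between them comprises the following steps:
Step 1: set up the system;
Step 3: Alice sends $K_A$ to Bob over a public channel;
Step 7: after receiving $K_A$, Bob uses his private key $b$ to compute the shared key $K_{AB} = \left(\prod_{i \in S} y_i\right)^b$;
2. A shared key establishment method suitable for computing-resource-asymmetric fields, characterized in that, assuming the communicating parties are Bob and Alice, establishing the shared key between them comprises the following steps:
Step 1: set up the system;
Step 3: Alice sends $K_A$ to Bob over a public channel;
Step 5: Bob sends $K_B = \{b(x_1,y_1), \ldots, b(x_n,y_n)\}$ to Alice over a public channel;
Step 6: after receiving $K_B$, Alice uses her private key $S$ to compute the shared key $K_{BA} = \sum_{i \in S} b(x_i,y_i)$;
Step 7: after receiving $K_A$, Bob uses his private key $b$ to compute the shared key $K_{AB} = b\sum_{i \in S}(x_i,y_i)$;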
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711024800.7A CN107682150B (zh) | 2017-10-27 | 2017-10-27 | A shared key establishment method suitable for computing-resource-asymmetric fields |
US15/869,110 US10637653B2 (en) | 2017-10-27 | 2018-01-12 | System and method for establishing share key in computing-resource-asymmetric field |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711024800.7A CN107682150B (zh) | 2017-10-27 | 2017-10-27 | A shared key establishment method suitable for computing-resource-asymmetric fields |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107682150A (zh) | 2018-02-09 |
CN107682150B (zh) | 2020-03-10 |
Family
ID=61142902
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711024800.7A Active CN107682150B (zh) | A shared key establishment method suitable for computing-resource-asymmetric fields | 2017-10-27 | 2017-10-27 |
Country Status (2)
Country | Link |
---|---|
US (1) | US10637653B2 (zh) |
CN (1) | CN107682150B (zh) |
- 2017-10-27: CN application CN201711024800.7A, patent CN107682150B (zh), status: Active
- 2018-01-12: US application US15/869,110, patent US10637653B2 (en), status: not active, Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN107682150A (zh) | 2018-02-09 |
US10637653B2 (en) | 2020-04-28 |
US20190132121A1 (en) | 2019-05-02 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||