CN117439746A - Remote authentication method, device, apparatus, storage medium, and program product - Google Patents

Remote authentication method, device, apparatus, storage medium, and program product

Info

Publication number
CN117439746A
Authority
CN
China
Prior art keywords
key
authentication
data
verification
mode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210823034.5A
Other languages
Chinese (zh)
Inventor
张�林
张文彬
孙勇
冯庆玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Douyin Vision Beijing Co Ltd
Original Assignee
Douyin Vision Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Douyin Vision Beijing Co Ltd filed Critical Douyin Vision Beijing Co Ltd
Priority to CN202210823034.5A priority Critical patent/CN117439746A/en
Publication of CN117439746A publication Critical patent/CN117439746A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure provides a remote authentication method, apparatus, device, storage medium, and program product. The method comprises the following steps: providing a plurality of key establishment modes to a user, including a key transmission mode, a key negotiation mode, and a public key distribution mode; acquiring verification terminal identity information and a target key establishment mode set by the user based on the plurality of key establishment modes, and generating configuration information based on the target key establishment mode and the verification terminal identity information; generating a first temporary public key based on the target key establishment mode; acquiring authentication reference information from a specified authentication file based on the first temporary public key, a first cryptographic hash of the verification terminal identity information, and the configuration information, the authentication reference information being provided to the verification terminal so that it can authenticate whether the proving end is trusted; generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information; and sending the authentication request to the verification terminal and receiving, from the verification terminal, an authentication result for the authentication request.

Description

Remote authentication method, device, apparatus, storage medium, and program product
Technical Field
The present disclosure relates to the field of computer technology, and in particular, to a remote authentication method, apparatus, device, storage medium, and program product.
Background
In the existing SGX remote authentication implementation scheme, only one key mode is supported. However, different scenarios often require different key modes, so that when a trusted computing service needs to be applied in a different scenario, a different remote authentication scheme needs to be implemented. This results in increased costs for development and promotion of services for trusted computing and reduced security and efficiency of remote authentication.
Disclosure of Invention
The present disclosure proposes a remote authentication method, apparatus, device, storage medium, and program product to solve to some extent the technical problem that remote authentication cannot be compatible with multiple key modes.
In a first aspect of the present disclosure, there is provided a remote authentication method, including:
providing a plurality of key establishment modes to a user, wherein the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
acquiring verification terminal identity information and a target key establishment mode set by the user based on the plurality of key establishment modes, and generating configuration information based on the target key establishment mode and the verification terminal identity information;
generating a first temporary public key based on the target key establishment mode;
acquiring authentication reference information from a specified authentication file based on the first temporary public key, a first cryptographic hash of the verification terminal identity information and the configuration information; the authentication reference information is provided to a verification terminal so that the verification terminal can authenticate whether the proving end is trusted;
generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
and sending the authentication request to the verification terminal and receiving, from the verification terminal, an authentication result for the authentication request.
In a second aspect of the present disclosure, there is provided a remote authentication method, including:
receiving an authentication request from a proving end, wherein the authentication request comprises a first temporary public key from the proving end, authentication reference information, a first cryptographic hash of identity information of a verification end, and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first cryptographic hash and the configuration information so as to authenticate whether the proving end is trusted; the configuration information comprises the verification end identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
parsing the authentication request, and confirming the identity of the verification end based on the first cryptographic hash of the identity information of the verification end;
in response to successful identity confirmation of the verification end, calling a remote authentication service to authenticate the authentication reference information so as to determine whether the proving end is trusted;
generating an authentication result based on the key establishment mode in response to determining that the proving end is trusted;
and sending the authentication result to the proving end.
In a third aspect of the present disclosure, there is provided a remote authentication apparatus comprising:
a key module for providing a plurality of key establishment modes to a user, the plurality of key establishment modes including a key transmission mode, a key negotiation mode, and a public key distribution mode;
a configuration information module for acquiring the identity information of the verification terminal and a target key establishment mode set by the user based on the plurality of key establishment modes, and generating configuration information based on the target key establishment mode and the identity information of the verification terminal;
a temporary public key module for generating a first temporary public key based on the target key establishment mode;
an authentication reference module for acquiring authentication reference information from a specified authentication file based on the first temporary public key, a first cryptographic hash of the verification terminal identity information and the configuration information; the authentication reference information is provided to a verification terminal so that the verification terminal can authenticate whether the proving end is trusted;
an authentication request module for generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
and a transceiver module for sending the authentication request to the verification terminal and receiving, from the verification terminal, an authentication result for the authentication request.
In a fourth aspect of the present disclosure, there is provided a remote authentication apparatus including:
a transceiver module for receiving an authentication request from the proving end, wherein the authentication request comprises a first temporary public key from the proving end, authentication reference information, a first cryptographic hash of identity information of a verification end, and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first cryptographic hash and the configuration information so as to authenticate whether the proving end is trusted; the configuration information comprises the verification end identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
a parsing module for parsing the authentication request;
an identity verification module for confirming the identity of the verification end based on the first cryptographic hash of the identity information of the verification end;
a remote authentication module for calling a remote authentication service to authenticate the authentication reference information, in response to successful identity confirmation of the verification end, so as to determine whether the proving end is trusted;
an authentication result module for generating an authentication result based on the key establishment mode in response to determining that the proving end is trusted;
the transceiver module is also used for sending the authentication result to the proving end.
In a fifth aspect of the disclosure, an electronic device is provided, which includes one or more processors, a memory; and one or more programs, wherein the one or more programs are stored in the memory and executed by the one or more processors, the programs comprising instructions for performing the method of the first or second aspect.
In a sixth aspect of the present disclosure, there is provided a non-transitory computer readable storage medium containing a computer program which, when executed by one or more processors, causes the processors to perform the method of the first or second aspect.
In a seventh aspect of the present disclosure, there is provided a computer program product comprising computer program instructions which, when run on a computer, cause the computer to perform the method of the first or second aspect.
From the above, it can be seen that the remote authentication method, apparatus, device, storage medium and program product provided by the present disclosure offer an efficient remote authentication scheme that is compatible with multiple key modes at the same time, needs only one round of interaction, supports two-way authentication, satisfies the functional and security requirements of SGX application authentication and remote authentication, resists replay attacks and unknown key-share attacks, supports different scenarios at the same time, and saves development and promotion costs.
Drawings
In order to more clearly illustrate the technical solutions of the present disclosure or related art, the drawings required for the embodiments or related art description will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present disclosure, and other drawings may be obtained according to these drawings without inventive effort to those of ordinary skill in the art.
Fig. 1 is a schematic diagram of a remote authentication architecture according to an embodiment of the present disclosure.
Fig. 2 is a schematic hardware architecture diagram of an exemplary electronic device according to an embodiment of the disclosure.
Fig. 3 is a flow diagram of a remote authentication system according to an embodiment of the present disclosure.
Fig. 4 is an example flow diagram of a remote authentication method according to an embodiment of the present disclosure.
Fig. 5 is a flowchart illustrating a remote authentication method according to an embodiment of the disclosure.
Fig. 6 is a flowchart illustrating a remote authentication method according to an embodiment of the disclosure.
Fig. 7 is a schematic diagram of a remote authentication device according to an embodiment of the present disclosure.
Fig. 8 is a schematic diagram of a remote authentication device according to an embodiment of the present disclosure.
Detailed Description
For the purposes of promoting an understanding of the principles and advantages of the disclosure, reference will now be made to the embodiments illustrated in the drawings and specific language will be used to describe the same.
It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present disclosure should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present disclosure pertains. The terms "first," "second," and the like, as used in embodiments of the present disclosure, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.
Remote authentication of SGX (Software Guard Extensions) is currently the security foundation of trusted execution environment (Trusted Execution Environment, TEE) applications. In remote authentication, a user initiates a remote authentication request to a TEE; the TEE measures the program code loaded into the TEE's encrypted memory, signs the measurement value, and then sends the measurement value and the signature to the user; after the user verifies, with the help of the authentication service provider, that the signature is valid, the measurement value contained in the signature is compared with the measurement value that the user holds locally in advance; if they are consistent, the program running in the TEE is proved to be the one authenticated in advance by the user, and the TEE and the program running in it can be trusted, so that the secret to be protected can be transmitted into the TEE through the secure channel of remote authentication. In the remote authentication protocol, the secret to be protected by the user is generally the user's key and data, and two common key modes are mainly supported. One is a symmetric key mode, in which the user transmits their own data key into the TEE through the secure channel of remote authentication, and the data can be encrypted with the data key and then sent to the TEE separately. The other is a public key and envelope encryption mode, in which a public-private key pair is generated in the TEE, the public key and the measurement value are signed together, and the public key, the measurement value and the signature are sent to the user together; after verification passes, the user encrypts their own symmetric key with the TEE's public key, encrypts the data with the symmetric key, and then returns the ciphertext of the symmetric key and the ciphertext of the data to the TEE.
It can be seen that the existing SGX remote authentication schemes described above each support only one of the key modes; the two key modes cannot be supported simultaneously. However, different scenarios often require different key modes, and when a trusted computing service needs to be applied in different scenarios, different remote authentication schemes need to be implemented, which increases the development and promotion costs of the service. Therefore, how to implement remote authentication compatible with multiple key modes is a technical problem to be solved.
In view of this, the embodiments of the present disclosure provide a remote authentication method, apparatus, device, storage medium, and program product. The method offers an efficient remote authentication scheme that is compatible with multiple key modes at the same time, needs only one round of interaction, supports two-way authentication, satisfies the functional and security requirements of SGX application authentication and remote authentication, resists replay attacks and unknown key-share attacks, supports different scenarios at the same time, and saves development and promotion costs.
Fig. 1 shows a schematic diagram of a remote authentication architecture of an embodiment of the present disclosure. Referring to fig. 1, the remote authentication architecture 100 may include a server 110, a terminal 120, and a network 130 providing a communication link. The server 110 and the terminal 120 may be connected through a wired or wireless network 130. The server 110 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server that provides cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligence platforms.
The terminal 120 may be a hardware or software implementation. For example, when the terminal 120 is a hardware implementation, it may be a variety of electronic devices having a display screen and supporting page display, including but not limited to smartphones, tablets, e-book readers, laptop and desktop computers, and the like. When the terminal 120 is implemented in software, it may be installed in the above-listed electronic device; it may be implemented as a plurality of software or software modules (e.g., software or software modules for providing distributed services) or as a single software or software module, without limitation.
It should be noted that, the remote authentication method provided in the embodiment of the present application may be performed by the terminal 120 or may be performed by the server 110. It should be understood that the number of terminals, networks, and servers in fig. 1 are illustrative only and are not intended to be limiting. There may be any number of terminals, networks, and servers, as desired for implementation.
Fig. 2 shows a schematic hardware structure of an exemplary electronic device 200 provided by an embodiment of the disclosure. As shown in fig. 2, the electronic device 200 may include: processor 202, memory 204, network module 206, peripheral interface 208, and bus 210. Wherein the processor 202, the memory 204, the network module 206, and the peripheral interface 208 are communicatively coupled to each other within the electronic device 200 via a bus 210.
The processor 202 may be a central processing unit (Central Processing Unit, CPU), an image processor, a Neural Network Processor (NPU), a Microcontroller (MCU), a programmable logic device, a Digital Signal Processor (DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits. The processor 202 may be used to perform functions related to the techniques described in this disclosure. In some embodiments, processor 202 may also include multiple processors integrated as a single logic component. For example, as shown in fig. 2, the processor 202 may include a plurality of processors 202a, 202b, and 202c.
The memory 204 may be configured to store data (e.g., instructions, computer code, etc.). As shown in fig. 2, the data stored by the memory 204 may include program instructions (e.g., program instructions for implementing a remote authentication method of an embodiment of the present disclosure) as well as data to be processed (e.g., the memory may store configuration files of other modules, etc.). The processor 202 may also access program instructions and data stored in the memory 204 and execute the program instructions to perform operations on the data to be processed. The memory 204 may include volatile storage or nonvolatile storage. In some embodiments, memory 204 may include Random Access Memory (RAM), Read Only Memory (ROM), optical disks, magnetic disks, hard disks, Solid State Disks (SSD), flash memory, memory sticks, and the like.
The network module 206 may be configured to provide communications with other external devices to the electronic device 200 via a network. The network may be any wired or wireless network capable of transmitting and receiving data. For example, the network may be a wired network, a local wireless network (e.g., Bluetooth, WiFi, Near Field Communication (NFC), etc.), a cellular network, the internet, or a combination of the foregoing. It will be appreciated that the type of network is not limited to the specific examples described above. In some embodiments, the network module 206 may include any combination of any number of Network Interface Controllers (NICs), radio frequency modules, receivers, modems, routers, gateways, adapters, cellular network chips, etc.
Peripheral interface 208 may be configured to connect electronic device 200 with one or more peripheral devices to enable information input and output. For example, the peripheral devices may include input devices such as keyboards, mice, touchpads, touch screens, microphones, various types of sensors, and output devices such as displays, speakers, vibrators, and indicators.
Bus 210 may be configured to transfer information between the various components of electronic device 200 (e.g., processor 202, memory 204, network module 206, and peripheral interface 208), such as an internal bus (e.g., processor-memory bus), an external bus (USB port, PCI-E bus), etc.
It should be noted that, although the architecture of the electronic device 200 described above only shows the processor 202, the memory 204, the network module 206, the peripheral interface 208, and the bus 210, in a specific implementation, the architecture of the electronic device 200 may also include other components necessary to achieve normal operation. Furthermore, those skilled in the art will appreciate that the architecture of the electronic device 200 may also include only the components necessary to implement the embodiments of the present disclosure, and not all of the components shown in the figures.
Referring to fig. 3, fig. 3 shows a schematic diagram of a remote authentication system according to an embodiment of the present disclosure. In fig. 3, system 300 may include user platform 310, server 320, and authentication service (Intel Attestation Service) IAS/PCCS.
User platform 310 may be a computing device running on an SGX CPU platform. The user platform 310 may include a proving end (Attestor) and an application 313 (Application), which may further include an application enclave (Application Enclave) 311 and a reference enclave (Quoting Enclave) 312. Application 313 may be an application running outside of the TEE; it is not protected by trusted hardware and is therefore neither trusted by nor secure for the user. Application enclave 311 is a protected content container that holds sensitive data and code for application 313. Reference enclave 312 is used to handle remote authentication: it may receive a report from application enclave 311 via application 313, verify and sign it, and return the corresponding reference information (quote) to application 313.
The server 320 is used to invoke the authentication service IAS/PCCS to verify the reference information (quote) and thereby authenticate the identity of the application enclave 311. Server 320 and the authentication service IAS/PCCS may act as the verification end (Verifier), i.e., entities trusted by the user side or user.
In fig. 3, the user side may send authentication information along with an initial request (e.g., SQL query, keyword search, etc.) to the application 313 of the user platform 310 where the proving end (Attestor) is located. The authentication information includes a key length, a key establishment mode KEMode (Key Establishment Mode), verifier identity information info, and a challenge value n2. The key establishment mode may be a key transmission (secret provisioning) mode (denoted as sp), a key negotiation (key agreement) mode (denoted as ka), or a public key distribution (public-key distribution) mode (denoted as pkd). In the key transmission mode, the verification end encrypts and signs the data key and transmits the encrypted data key to the proving end, and the proving end decrypts it to obtain the data key. In the key negotiation mode, the proving end and the verification end negotiate together to obtain the data key. In the public key distribution mode, the verification end authenticates a public key of the proving end, and the data key is transferred based on the authenticated public key of the proving end.
Application 313 sends the authentication information to application enclave 311 to start the proving end (Attestor). Fig. 4 shows an example flow diagram of a remote authentication method according to an embodiment of the disclosure. In conjunction with fig. 3 and 4, the remote authentication method 400 may include the following steps.
In step S410, the proving end Attestor (e.g., the application enclave 311) receives the authentication information determined by the user side, and generates the configuration information cf based on the authentication information. The configuration information cf may include at least part of the authentication information, and may further include data to be transmitted other than the authentication information.
In step S411, the proving end Attestor (e.g., the application enclave 311) calculates the temporary public key epk1 based on the key establishment mode KEMode in the configuration information cf. When KEMode is the public key distribution mode pkd, step S412 is performed; when KEMode is the key transmission mode sp or the key negotiation mode ka, step S413 is performed.
In step S412, for the key establishment mode KEMode being the public key distribution mode pkd, i.e., KEMode = pkd, the proving end Attestor (e.g., the application enclave 311) generates the temporary public key epk1 based on the public-private key pair (rsk, rpk), the challenge value n1, and the challenge value n2; step S414 is then performed.
In some embodiments, the public-private key pair (rsk, rpk) may be randomly generated, or the public-private key pair (rsk, rpk) of RSA3072 may be recovered. For example, 3072 bits of public-private key pair (rsk, rpk) may be randomly generated based on the RSA algorithm; when the public-private key pair (rsk, rpk) has been generated before, the 3072-bit public-private key pair (rsk, rpk) based on the RSA algorithm can be recovered from the existing file to reduce the calculation amount.
In some embodiments, the temporary public key epk1 may include epk1 = rpk || n1 || n2.
In step S413, for the key establishment mode KEMode being the key transmission mode sp or the key negotiation mode ka, i.e., KEMode = ka or sp, the proving end Attestor (e.g., the application enclave 311) may calculate a temporary public key epk1 based on the temporary private key esk1; step S414 is then performed.
In some embodiments, the temporary private key esk1 = r1, where r1 may be a randomly generated number.
In some embodiments, the temporary public key epk1 = esk1 × G = r1 × G, where G may be the point G of an elliptic curve cryptographic algorithm.
In some embodiments, the application enclave 311 may send the temporary public key epk1 to the reference enclave 312 via the application 313. For example, the temporary public key epk1 is sent to the application 313 in the user data field of a report used for remote authentication, and is forwarded by the application 313 to the reference enclave 312.
In step S414, the proving end Attestor (e.g., the reference enclave 312) calculates a verifier identity information hash value id2 = H(info) based on the verifier identity information info in the verification information, and calculates a hash value Hash = H(cf || id2 || epk1) based on the configuration information cf, the verifier identity information hash value id2, and the temporary public key epk1.
The proving end Attestor (e.g., the reference enclave 312) expands the hash value Hash to obtain an extended Hash. For example, the hash value Hash is 32 bytes, and a further 32 bytes are appended after it to obtain an extended Hash of 64 bytes; the 32 appended bytes are, for example, all set to 0. The extended Hash may be stored in the user data field of the report, e.g., written to the Software Guard Extensions (SGX) report file /dev/attestation/user_report_data, and the authentication reference information quote is obtained via the reference enclave 312, e.g., by reading the SGX quote file /dev/attestation/quote. The reference enclave 312 may send the configuration information cf, the verifier identity information hash value id2, the temporary public key epk1, and the authentication reference information quote to the application 313.
The application 313 generates an authentication request req based on the configuration information cf, the verifier identity information hash value id2, the temporary public key epk1, and the authentication reference information quote. Application 313 sends an authentication request req to a verification-side Verifier (e.g., server 320).
In some embodiments, the authentication request req = cf || id2 || epk1 || quote is generated.
In step S420, while the proving end Attestor performs the above steps S410 to S414, the verifying end Verifier may load information such as the long-term private key sk2, the long-term public key pk2, and the cert certificate (e.g., CA root certificate) set on the user side.
In step S421, the Verifier (e.g., server 320) receives the authentication request req from the prover Attestor, e.g., from step S414. The server 320 may forward the authentication request req to the authentication server IAS/PCCS.
The verification end Verifier (for example, an authentication server IAS/PCCS) can parse the authentication request req to obtain the configuration information cf, the verifier identity information hash value id2, the authentication reference information quote, and the temporary public key epk1, and judges whether the authentication request req was sent to the correct verification end Verifier based on the verifier identity information hash value id2. If it is confirmed that the authentication request req was correctly sent to this Verifier, a hash value Hash = H(cf || id2 || epk1) can be calculated. If the authentication request req was sent to the wrong verification end Verifier, the process ends.
In step S421, the verification end Verifier also invokes the authentication service IAS/PCCS to verify the authentication reference information quote. For example, the authentication service IAS/PCCS is invoked to verify the authentication reference information quote based on the hash value Hash calculated by the verification end Verifier.
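The binding performed in steps S414 and S421, as an added example that is not part of the patent text: the proving end hashes cf, id2 and epk1 into the 64-byte report data, and the verification end recomputes the same value before accepting the request. SHA-256 as H, the sample inputs used with it, and all function names are assumptions.

```python
import hashlib
import hmac

REPORT_DATA_LEN = 64  # size of the user report data field described above


def H(*parts: bytes) -> bytes:
    """H(a || b || ...). SHA-256 is an assumption: the text only says 32 bytes."""
    # Plain concatenation as in the text; a real encoding must keep the
    # field boundaries unambiguous (fixed lengths or length prefixes).
    return hashlib.sha256(b"".join(parts)).digest()


def build_report_data(cf: bytes, info: bytes, epk1: bytes):
    """Proving end, step S414: returns (id2, extended Hash)."""
    id2 = H(info)                      # id2 = H(info)
    digest = H(cf, id2, epk1)          # Hash = H(cf || id2 || epk1)
    extended = digest + bytes(REPORT_DATA_LEN - len(digest))  # zero padding
    return id2, extended


def fetch_quote(report_data: bytes, base: str = "/dev/attestation") -> bytes:
    """Write the report data and read back the quote.

    Only works inside an enclave runtime that exposes these pseudo-files;
    it is not called by the checks in this example.
    """
    if len(report_data) != REPORT_DATA_LEN:
        raise ValueError("report data must be exactly 64 bytes")
    with open(f"{base}/user_report_data", "wb") as f:
        f.write(report_data)
    with open(f"{base}/quote", "rb") as f:
        return f.read()


def verifier_check(cf: bytes, id2: bytes, epk1: bytes,
                   quoted_report_data: bytes, own_info: bytes) -> str:
    """Verification end, step S421.

    quoted_report_data is the report data field taken from a quote that the
    attestation service has already validated (that call is out of scope).
    """
    # 1. Was the request addressed to this Verifier?
    if not hmac.compare_digest(id2, H(own_info)):
        return "wrong-verifier"
    # 2. Does the quote commit to exactly these request fields?
    expected = H(cf, id2, epk1) + bytes(REPORT_DATA_LEN - 32)
    if not hmac.compare_digest(quoted_report_data, expected):
        return "binding-mismatch"
    return "ok"
```

A request whose epk1 or cf was replaced in transit fails the second check, because the quote still commits to the values the enclave hashed.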
In step S422, the verification terminal Verifier calculates the data key dk, the encrypted data key c, and the response resp of the verification terminal Verifier to the authentication request of the proving end Attestor based on the key establishment mode KEMode in the configuration information cf. If KEMode is the public key distribution mode pkd, step S423 is performed; if KEMode is the key transmission mode sp or the key negotiation mode ka, step S424 is performed.
In step S423, the verification terminal Verifier determines that the key establishment mode KEMode is the public key distribution mode pkd, that is, KEMode = pkd, and may randomly select the data key dk or obtain the data key dk set by the user side.
The verification terminal Verifier encrypts the data key dk based on the public key rpk of the public-private key pair of the proving end Attestor (e.g., the RSA3072 public key rpk may be obtained from the temporary public key epk1) to obtain an encrypted data key c = PKE(rpk; dk).
The verification terminal Verifier may sign the temporary public key epk1 || encrypted data key c based on the long-term private key sk2 to obtain verification signature data sig1 = Sig(sk2; epk1 || c).
The verification terminal Verifier generates the response resp = sig1 || c || cert based on the verification signature data sig1. Step S425 is then performed.
In step S424, the verification terminal Verifier determines that the key establishment mode KEMode is the key transmission mode sp or the key negotiation mode ka, i.e., KEMode = ka or sp. The verification terminal Verifier obtains a temporary public key epk2 based on the temporary private key esk2.
In some embodiments, the temporary private key esk2 = r2, where r2 may be a randomly generated number.
In some embodiments, the temporary public key epk2 = esk2 × G = r2 × G, where G may be the point G of an elliptic curve cryptographic algorithm.
The verification terminal Verifier obtains a master key k = r2 × epk1 based on the temporary public key epk1 obtained by parsing the authentication request req and the temporary private key esk2 = r2.
The verification terminal Verifier obtains a session key sk = H(cf || epk1 || epk2 || k) based on the configuration information cf, the temporary public key epk1, the temporary public key epk2, and the master key k.
If the key establishment mode KEMode is the key negotiation mode ka, the verification end Verifier sets the data key dk = sk; otherwise, it randomly generates the data key dk or acquires the data key dk set by the user side. That is, if the key establishment mode KEMode is the key transmission mode sp, the Verifier randomly generates the data key dk or acquires the data key dk set by the user side.
Then, the encrypted data key c is calculated. If the key establishment mode KEMode is the key negotiation mode ka, the verification end Verifier sets the encrypted data key c = Null; otherwise, the data key dk is encrypted with the session key sk to obtain the encrypted data key c. That is, if the key establishment mode KEMode is the key transmission mode sp, the verification terminal Verifier encrypts the data key dk with the session key sk to obtain the encrypted data key c.
In some embodiments, the data key dk may be encrypted using an encryption algorithm to obtain the encrypted data key c. For example, the data key dk is encrypted with the session key sk using the AES-GCM encryption algorithm, c = AES(sk; dk).
Then, the verification terminal Verifier signs the temporary public key epk1 || temporary public key epk2 || encrypted data key c based on the long-term private key sk2 to obtain verification signature data sig2 = Sig(sk2; epk1 || epk2 || c).
The verification terminal Verifier generates a response resp = sig2 || epk2 || c || cert based on the verification signature data sig2. Step S425 is then performed.
In step S425, the verification end Verifier sends the response resp to the proving end Attestor and outputs the data key dk.
In some embodiments, when the key establishment mode KEMode is the public key distribution mode pkd, the temporary public key epk1 is also output in step S425.
In step S415, the proving end Attestor may receive the response resp from the Verifier. The proving end Attestor parses the response resp, verifies the certificate cert from the verification end Verifier against the CA root certificate, and thereby confirms the identity of the verification end Verifier. Step S416 is performed if the authentication is successful, and the process ends if the authentication is unsuccessful.
In step S416, the proving end Attestor calculates the data key dk based on the key establishment mode KEMode in the configuration information cf. If KEMode is the public key distribution mode pkd, step S417 is performed; if KEMode is the key transmission mode sp or the key negotiation mode ka, step S418 is performed.
In step S417, the proving end Attestor determines that the key establishment mode KEMode is the public key distribution mode pkd, i.e., KEMode = pkd, and can verify the signature data sig1 based on the long-term public key pk2 from the verifying end Verifier, for example, by checking whether Verify(pk2; sig1; epk1 || c) = true holds.
The proving end Attestor may further decrypt the encrypted data key c based on the RSA3072 private key rsk to obtain the data key dk = PKE(rsk; c). Step S419 is then performed.
In step S418, the proving end Attestor determines that the key establishment mode KEMode is the key transmission mode sp or the key negotiation mode ka, i.e., KEMode = ka or sp. The proving end Attestor verifies the signature data sig2 based on the long-term public key pk2 from the Verifier, for example, by checking whether Verify(pk2; sig2; epk1 || epk2 || c) = true holds.
The proving end Attestor may also obtain a master key k = r1 × epk2 based on the verifying end temporary public key epk2.
The proving end Attestor may further calculate the session key sk = H(cf || epk1 || epk2 || k) using the configuration information cf, the temporary public key epk1, the temporary public key epk2, and the master key k.
If the key establishment mode KEMode is the key negotiation mode ka, the data key dk = sk; otherwise, the proving end Attestor decrypts the encrypted data key c based on the session key sk to obtain the data key dk = AES(sk; c). That is, if the key establishment mode KEMode is the key transmission mode sp, the proving end Attestor decrypts the encrypted data key c based on the session key sk to obtain the data key dk = AES(sk; c).
In step S419, the proving end Attestor outputs the data key dk. Therefore, the method according to the embodiment of the disclosure can complete the remote authentication process with a one-round "proving end request, verifying end reply" protocol, can be compatible with authentication in multiple key modes at the same time, can meet the identity authentication and remote authentication functions and security requirements of SGX applications, and resists replay attacks, unknown key sharing attacks and the like.
For remote authentication in the key negotiation mode or the key transmission mode, the user side can encrypt data to be transmitted using the data key dk to obtain a transmission ciphertext c_data, and send the transmission ciphertext c_data to the proving end Attestor (such as the application enclave 311); after the application enclave 311 calculates the corresponding plaintext result, the plaintext result is encrypted using the data key dk to obtain a result ciphertext c_result, and the result ciphertext c_result is returned to the user side.
For remote authentication in the public key distribution mode, after the user side verifies that the challenge value n2 is consistent, the distributed public key epk1 can be used to perform envelope encryption on the data to be transmitted to obtain a transmission ciphertext c_data'. The hash value Hash(c_data') of the transmission ciphertext c_data' is then transmitted to the verification end Verifier, the verification end Verifier signs the transmission ciphertext c_data' to obtain a signature result sig, and the verification end Verifier transmits the transmission ciphertext c_data' and the signature result sig to the proving end Attestor (such as the application enclave 311). The application enclave 311 verifies the signature result sig, decrypts the transmission ciphertext c_data', and then calculates the corresponding plaintext result result'; the plaintext result result' is encrypted with the data key dk and returned to the Verifier, which decrypts it and transmits it to the user side.
Referring to fig. 5, fig. 5 shows a schematic diagram of a remote authentication method according to an embodiment of the present disclosure. The method 500 may be used to implement remote authentication and may be implemented by the server 110 or the terminal 120 of fig. 1, by both the server 110 and the terminal 120, or by the electronic device 200 of fig. 2. Referring to fig. 5, the method 500 may include the following steps.
In step S510, a plurality of key establishment modes including a key transmission mode (e.g., KEMode = sp in fig. 4), a key negotiation mode (e.g., KEMode = ka in fig. 4), and a public key distribution mode (e.g., KEMode = pkd in fig. 4) are provided to the user;
in step S520, acquiring verification-side identity information (for example, info in fig. 4) and a target key establishment mode set by the user based on the plurality of key establishment modes, and generating configuration information (for example, cf in fig. 4) based on the target key establishment mode and the verification-side identity information;
at step S530, a first temporary public key (e.g., epk1 in fig. 4) is generated based on the target key establishment mode;
in step S540, authentication reference information (e.g., quote in fig. 4) is obtained from a specified authentication file (e.g., /dev/attestation/ in fig. 4) based on the first temporary public key (e.g., epk1 in fig. 4), a first cryptographic hash of the verifier identity information (e.g., id2 in fig. 4, which may be a hash value or other cryptographic value), and the configuration information; the authentication reference information is provided to a verification terminal to authenticate whether the proving end is trusted;
in step S550, an authentication request (e.g., req in fig. 4) is generated based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
in step S560, the authentication request is sent to the verification terminal, and an authentication result (e.g., resp in fig. 4) for the authentication request is received from the verification terminal.
In some embodiments, generating a first temporary public key based on the target key establishment mode includes:
generating a first temporary public key (e.g., epk1 = r1 × G in fig. 4) based on a randomly generated first temporary private key (e.g., esk1 = r1 in fig. 4) and an elliptic curve cryptographic algorithm if the target key establishment mode is a key transmission mode or a key negotiation mode;
if the target key establishment mode is a public key distribution mode, generating the first temporary public key based on a prover public key (e.g., rpk in fig. 4) of a prover public-private key pair, a randomly generated first challenge value (e.g., n1 in fig. 4), and a user-set second challenge value (e.g., n2 in fig. 4); the prover public-private key pair is randomly generated, or recovered based on an existing file and the encryption algorithm.
In some embodiments, the specified authentication file includes a first authentication file (e.g., /dev/attestation/user_report_data) and a corresponding second authentication file (e.g., /dev/attestation/quote); acquiring authentication reference information from a specified authentication file based on the first temporary public key, the first cryptographic hash of verifier identity information, and the configuration information includes:
computing a second cryptographic hash (e.g., Hash in fig. 4) of the first temporary public key, the first cryptographic hash, and the configuration information;
expanding the second cryptographic hash to obtain an extended cryptographic hash;
and writing the extended cryptographic hash into the first authentication file, and reading the authentication reference information from the second authentication file.
In some embodiments, the authentication result includes a verification-side long-term public key (e.g., pk2 in fig. 4), verification signature data (e.g., sig in fig. 4), an encrypted data key (e.g., c in fig. 4), and a verification-side certificate (e.g., cert in fig. 4);
the method further comprises the steps of:
verifying the verification end certificate based on a CA root certificate to verify the identity of the verification end;
in response to successful verification of the identity of the verification end, performing signature verification on the verification signature data based on the verification-side long-term public key;
in response to the signature verification being successful, a data key (e.g., dk in FIG. 4) is calculated based on the encrypted data key and the target key establishment mode.
In some embodiments, for the public key distribution mode, performing signature verification on the verification signature data based on the verification-side long-term public key comprises:
performing signature verification on the verification signature data based on the verification-side long-term public key, the verification signature data, the first temporary public key, and the encrypted data key (e.g., Verify(pk2; sig; epk1 || c) = true in fig. 4);
alternatively, for the key negotiation mode or key transmission mode, the authentication result further includes the second temporary public key (e.g., epk2 in fig. 4); performing signature verification on the verification signature data based on the verification-side long-term public key comprises:
performing signature verification on the verification signature data based on the verification-side long-term public key, the verification signature data, the first temporary public key, the second temporary public key, and the encrypted data key (for example, Verify(pk2; sig; epk1 || epk2 || c) = true in fig. 4).
In some embodiments, calculating a data key based on the encrypted data key and the target key establishment mode includes:
generating a master key (e.g., k = r1 × epk2 in fig. 4) based on the first temporary private key (e.g., esk1 = r1 in fig. 4) and the second temporary public key (e.g., epk2 in fig. 4) if the target key establishment mode is a key transmission mode or a key negotiation mode;
Generating a session key (e.g., sk in fig. 4) based on the master key, the first temporary public key, the second temporary public key, and a first cryptographic hash of the configuration information;
for the key negotiation mode, the data key is the session key (e.g., dk = sk in fig. 4);
alternatively, for the key transmission mode, decrypting the encrypted data key based on the session key to obtain the data key (e.g., dk = AES(sk; c) in fig. 4);
alternatively, for the public key distribution mode, the encrypted data key is decrypted based on the prover private key of the prover public-private key pair (e.g., dk = PKE(rsk; c) in fig. 4).
In some embodiments, the method 500 further comprises:
receiving encrypted data (such as transmission ciphertext c_data) from a verification terminal, wherein the encrypted data is obtained by encrypting data to be processed (such as data to be processed);
a data processing result is obtained based on the data key (e.g., dk in fig. 4) and the encrypted data, and the calculation result is data-transmitted based on the data key.
In some embodiments, if the target key establishment mode is a key transmission mode or a key negotiation mode, the encrypted data is obtained by encrypting the data to be processed based on the data key;
Obtaining a data processing result based on the data key and the encrypted data, and performing data transmission on the calculation result based on the data key, further comprising:
decrypting the encrypted data based on the data key to obtain the data to be processed;
the data to be processed is processed correspondingly to obtain a processing result (for example, a plaintext result of the previous embodiment), and the calculation result is encrypted based on the data key to obtain an encryption result (for example, a result ciphertext c_result of the previous embodiment);
and sending the encryption result to a user.
In some embodiments, if the target key establishment mode is a public key distribution mode, the encrypted data (e.g., the transmission ciphertext c_data' in the foregoing embodiments) is obtained by encrypting the data to be processed (e.g., the data to be transmitted in the foregoing embodiments) based on the data key to obtain first encrypted data, and then encrypting the first encrypted data based on the prover public key of the prover public-private key pair (e.g., the public key epk1 in the foregoing embodiments);
obtaining a data processing result based on the data key and the encrypted data, and performing data transmission on the calculation result based on the data key, further comprising:
receiving the encrypted data (such as the transmission ciphertext c_data') and the signature data of the encrypted data (such as the signature result sig of the foregoing embodiment), wherein the signature data of the encrypted data is obtained by signing a third cryptographic hash of the encrypted data (such as the hash value Hash(c_data') of the foregoing embodiment) based on a verification-side long-term private key (such as the verification-side long-term private key sk2);
verifying the signature data of the encrypted data based on a verification-side long-term public key (such as the verification-side long-term public key pk2), and decrypting the encrypted data based on the prover private key (such as the prover private key rsk) of the prover public-private key pair and the data key to obtain the data to be processed;
performing corresponding data processing on the data to be processed to obtain a processing result (for example, a plaintext result' in the foregoing embodiment), and encrypting the calculation result based on the data key to obtain an encryption result;
and sending the encryption result to a verification terminal for decryption, and obtaining the decrypted processing result for sending to a user.
Referring to fig. 6, fig. 6 shows a schematic diagram of a remote authentication method according to an embodiment of the present disclosure. The method 600 may be used to implement remote authentication and may be implemented by the server 110 or the terminal 120 of fig. 1, by both the server 110 and the terminal 120, or by the electronic device 200 of fig. 2. Referring to fig. 6, the method 600 may include the following steps.
In step S610, an authentication request (e.g., req in fig. 4) from the proving end is received, the authentication request including a first temporary public key from the proving end, authentication reference information, a first cryptographic hash of verification-side identity information, and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first cryptographic hash and the configuration information so as to authenticate whether the proving end is trusted; the configuration information comprises the verification-side identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
in step S620, the authentication request is parsed, and the identity of the verification terminal is confirmed based on a first cryptographic hash (e.g., id2 in fig. 4) of the verification terminal identity information;
in step S630, in response to the identity confirmation of the verification end being successful, invoking a remote authentication service (e.g., IAS/PCCS in fig. 4) to authenticate the authentication reference information (e.g., quote in fig. 4) to determine whether the proving end is trusted;
in step S640, in response to determining that the proving end is trusted, generating an authentication result (e.g., resp in fig. 4) based on the target key establishment mode;
in step S650, the authentication result is sent to the proving end.
In some embodiments, generating an authentication result based on the target key establishment mode includes:
randomly generating a second temporary private key (e.g., esk2 in fig. 4) if the target key establishment mode is the key negotiation mode or the key transmission mode, and generating a second temporary public key (e.g., epk2 in fig. 4) based on the second temporary private key;
generating a master key (e.g., k in step S424 of fig. 4) based on the first temporary public key (e.g., epk1 in step S424 of fig. 4) and the second temporary private key (e.g., esk2 in step S424 of fig. 4);
generating a session key (e.g., sk = H(cf || epk1 || epk2 || k) in step S424 of fig. 4) based on the configuration information, the first temporary public key, the second temporary public key, and the master key; for the key negotiation mode, the data key is the session key (e.g., dk = sk in step S424 of fig. 4) and the encrypted data key is Null (e.g., c = Null in step S424 of fig. 4);
for the key transmission mode, a data key is randomly generated (e.g., dk in step S424 of fig. 4) and an encrypted data key is obtained by encrypting the data key with the session key (e.g., c = AES(sk; dk) in step S424 of fig. 4);
signing the first temporary public key, the second temporary public key, and the encrypted data key based on the long-term private key, resulting in verification signature data (e.g., sig = Sig(sk2; epk1 || epk2 || c));
obtaining the authentication result based on the second temporary public key, the verification signature data, the encrypted data key, and a verification-side certificate (for example, resp = epk2 || c || sig || cert in step S424 in fig. 4);
If the target key establishment mode includes a public key distribution mode,
randomly generating a data key or acquiring a data key set by a user (e.g., dk in step S423 in fig. 4);
encrypting the data key based on a first temporary public key (e.g., rpk) of the prover public-private key pair to obtain an encrypted data key (e.g., c = PKE(rpk; dk) in step S423 in fig. 4);
the public and private key pairs (rpk, rsk) of the proving end are randomly generated or recovered based on the existing file and the encryption algorithm;
signing the first temporary public key and the encrypted data key based on the verification-side long-term private key (e.g., sk2) to obtain verification signature data (e.g., sig = Sig(sk2; epk1 || c) in step S423 in fig. 4);
obtaining the authentication result based on the verification signature data, the encrypted data key, and the verification-side certificate (e.g., c || sig || cert in step S423 in fig. 4).
According to the embodiments of the disclosure, a trusted computing service can be compatible with multiple key establishment modes simultaneously, including key transmission, key negotiation and public key distribution, so that for different application scenarios a user can select the key establishment mode according to requirements such as the user's deployment capability and data key updating. For example, if a user is able to deploy a Verifier directly and has the ability to securely store data keys, either the key negotiation mode or the key transmission mode may be selected. If the user's calculation tasks are immediate and data sets submitted at different times do not need joint calculation, key negotiation can be selected; otherwise, if ciphertext needs to be stored and joint calculation is frequent, key transmission can be selected, so that the keys of all the data sets are consistent, which makes it easier for the application enclave to perform decryption and calculation. If the actual application is personal, such as a ToC scenario, where the personal user side cannot deploy a Verifier and cannot securely store data keys, the public key distribution mode can be selected: the user trusts a remote Verifier, obtains the authenticated Attestor public key with the help of the Verifier, encrypts data using envelope encryption, and then transmits the ciphertext hash value to the Verifier; the Verifier signs it, and the user transmits the ciphertext and the signature result to the Enclave. The Enclave encrypts the calculation result using the data key and returns it to the Verifier, which decrypts the result and transmits it to the user.
Therefore, the method provides an efficient remote authentication scheme that is compatible with multiple key modes at the same time, needs only one round of interaction, supports two-way authentication, can meet the identity authentication and remote authentication functions and security requirements of SGX applications, and resists replay attacks, unknown key sharing attacks and the like.
It should be noted that the method of the embodiments of the present disclosure may be performed by a single device, such as a computer or a server. The method of the embodiment can also be applied to a distributed scene, and is completed by mutually matching a plurality of devices. In the case of such a distributed scenario, one of the devices may perform only one or more steps of the methods of embodiments of the present disclosure, the devices interacting with each other to accomplish the methods.
It should be noted that the foregoing describes some embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments described above and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the same inventive concept, the present disclosure also provides a remote authentication device corresponding to the method of any embodiment.
Referring to fig. 7, the remote authentication apparatus includes:
a key module for providing a plurality of key establishment modes to a user, the plurality of key establishment modes including a key transmission mode, a key negotiation mode, and a public key distribution mode;
the configuration information module is used for acquiring the identity information of the verification terminal and a target key establishment mode set by a user based on the multiple key establishment modes, and generating configuration information based on the target key establishment mode and the identity information of the verification terminal;
a temporary public key module for generating a first temporary public key based on the target key establishment mode;
the authentication reference module is used for acquiring authentication reference information from a specified authentication file based on the first temporary public key, the first cryptographic hash of the verifier identity information and the configuration information; the authentication reference information is provided to the verification terminal to authenticate whether the proving end is trusted;
an authentication request module for generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
and the receiving and transmitting module is used for sending the authentication request to the verification end and receiving an authentication result aiming at the authentication request from the verification end.
Referring to fig. 8, the remote authentication apparatus includes:
the receiving and transmitting module is used for receiving an authentication request from the proving end, wherein the authentication request comprises a first temporary public key from the proving end, authentication reference information, a first password hash of identity information of a verification side and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first password hash and the configuration information so as to authenticate whether the proving end is trusted or not; the configuration information comprises verification terminal identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
the analysis module is used for analyzing the authentication request;
the identity verification module is used for verifying the identity of the verification terminal based on the first password hash of the identity information of the verification terminal;
the remote authentication module is used for calling a remote authentication service to authenticate the authentication reference information in response to the successful identity confirmation of the verification end so as to determine whether the verification end is trusted or not;
the authentication result module is used for generating an authentication result based on the target key establishment mode in response to the fact that the proving end is trusted;
the receiving and transmitting module is also used for transmitting the authentication result to the proving end.
For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of the various modules may be implemented in the same one or more pieces of software and/or hardware when implementing the present disclosure.
The device of the foregoing embodiment is configured to implement the corresponding remote authentication method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which are not described again herein.
Based on the same inventive concept, corresponding to any of the above-described embodiments of the method, the present disclosure further provides a non-transitory computer-readable storage medium storing computer instructions for causing the computer to perform the remote authentication method as described in any of the above-described embodiments.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
The storage medium of the above embodiment stores computer instructions for causing the computer to perform the remote authentication method according to any one of the above embodiments, and has the advantages of the corresponding method embodiments, which are not described herein.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the disclosure, including the claims, is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined under the idea of the present disclosure, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the present disclosure as described above, which are not provided in detail for the sake of brevity.
Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present disclosure. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present disclosure, and this also accounts for the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform on which the embodiments of the present disclosure are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the disclosure, it should be apparent to one skilled in the art that embodiments of the disclosure can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.
While the present disclosure has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The disclosed embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Accordingly, any omissions, modifications, equivalents, improvements, and the like, which are within the spirit and principles of the embodiments of the disclosure, are intended to be included within the scope of the disclosure.

Claims (16)

1. A method of remote authentication, comprising:
providing a plurality of key establishment modes to a user, wherein the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
acquiring verification terminal identity information and a target key establishment mode set by a user based on the multiple key establishment modes, and generating configuration information based on the target key establishment mode and the verification terminal identity information;
generating a first temporary public key based on the target key establishment mode;
acquiring authentication reference information from a specified authentication file based on the first temporary public key, a first password hash of the verifier identity information and the configuration information; the authentication reference information is used for providing the authentication reference information to the verification terminal to authenticate whether the verification terminal is trusted or not;
generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
and sending the authentication request to the verification terminal, and receiving an authentication result aiming at the authentication request from the verification terminal, wherein the authentication result indicates that the proving terminal is a trusted execution environment.
2. The method of claim 1, wherein generating a first temporary public key based on the target key establishment mode comprises:
if the target key establishment mode is a key transmission mode or a key negotiation mode, generating a first temporary public key based on a randomly generated first temporary private key and an elliptic encryption algorithm;
if the target key establishment mode is a public key distribution mode, generating a first temporary public key based on a proving-end public key in a proving-end public-private key pair, a first challenge value generated randomly and a second challenge value set by a user; the public and private key pairs of the proving end are randomly generated or recovered based on the existing file and the encryption algorithm.
3. The method of claim 1, wherein the specified authentication file comprises a first authentication file and a corresponding second authentication file; acquiring authentication reference information from a specified authentication file based on the first temporary public key, the first cryptographic hash of verifier identity information, and the configuration information, including:
calculating a second cryptographic hash of the configuration information, the first temporary public key, and the first cryptographic hash;
expanding the second password hash to obtain an expanded password hash;
and writing the extended password hash into the first authentication file, and reading the authentication reference information from the second authentication file.
4. The method of claim 1, wherein the authentication result comprises a verification-side long-term public key, verification signature data, an encrypted data key, and a verification-side certificate;
the method further comprises the steps of:
verifying the verification end certificate based on a CA root certificate to verify the identity of the verification end;
in response to successful authentication of the authentication end, performing signature authentication on the authentication signature data based on the long-term public key of the authentication end;
and in response to the signature verification success, calculating a data key based on the encrypted data key and the target key establishment mode.
5. The method of claim 4, wherein for the public key distribution mode, performing signature verification on the verification signature data based on the verification-side long-term public key comprises:
signature verification is carried out on the verification signature data based on the verification terminal long-term public key, the verification signature data, the first temporary public key and the encryption data key;
or, for the key negotiation mode or key transmission mode, the authentication result further includes the second temporary public key; signature verification is carried out on the verification signature data based on the verification end long-term public key, and the method comprises the following steps:
and carrying out signature verification on the verification signature data based on the verification end long-term public key, the verification signature data, the first temporary public key, the second temporary public key and the encrypted data key.
6. The method of claim 5, wherein calculating a data key based on the encrypted data key and the target key establishment mode comprises:
generating a master key based on the first temporary private key and the second temporary public key if the target key establishment mode is a key transmission mode or a key negotiation mode;
generating a session key based on the master key, the first temporary public key, the second temporary public key, and a first cryptographic hash of the configuration information;
for the key agreement mode, the data key is the session key;
or, for the key transmission mode, decrypting the encrypted data key based on the session key to obtain the data key;
or for the public key distribution mode, decrypting the encrypted data key based on the proving-side private key of the proving-side public-private key pair to obtain the data key.
7. The method of claim 6, wherein the method further comprises:
receiving encrypted data from a verification terminal, wherein the encrypted data is obtained by encrypting data to be processed;
and obtaining a data processing result based on the data key and the encrypted data, and carrying out data transmission on the calculation result based on the data key.
8. The method according to claim 7, wherein if the target key establishment mode is a key transmission mode or a key negotiation mode, the encrypted data is obtained by encrypting the data to be processed based on the data key;
obtaining a data processing result based on the data key and the encrypted data, and performing data transmission on the calculation result based on the data key, further comprising:
decrypting the encrypted data based on the data key to obtain the data to be processed;
carrying out corresponding data processing on the data to be processed to obtain a processing result, and encrypting the calculation result based on the data key to obtain an encryption result;
and sending the encryption result to a user.
9. The method according to claim 7, wherein if the target key establishment mode is a public key distribution mode, the encrypted data is obtained by encrypting the data to be processed based on the data key to obtain first encrypted data, and then encrypting the first encrypted data based on a proving-end public key in a proving-end public-private key pair;
obtaining a data processing result based on the data key and the encrypted data, and performing data transmission on the calculation result based on the data key, further comprising:
receiving the encrypted data and signature data of the encrypted data, wherein the signature data of the encrypted data is obtained by verifying and signing a third password hash of the encrypted data based on a long-term private key of a verification terminal;
verifying the signature data of the encrypted data based on a long-term public key of a verification terminal, and decrypting the encrypted data based on a verification terminal private key and the data key in a public-private key pair of the verification terminal to obtain the data to be processed;
carrying out corresponding data processing on the data to be processed to obtain a processing result, and encrypting the calculation result based on the data key to obtain an encryption result;
and sending the encryption result to a verification terminal for decryption, and obtaining the decrypted processing result for sending to a user.
10. A method of remote authentication, comprising:
receiving an authentication request from a proving end, wherein the authentication request comprises a first temporary public key from the proving end, authentication reference information, first password hash of identity information of a verification end and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first password hash and the configuration information so as to authenticate whether the proving end is trusted or not; the configuration information comprises verification terminal identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
analyzing the authentication request, and confirming the identity of the verification terminal based on a first password hash of the identity information of the verification terminal;
responding to successful identity confirmation of the verification end, and calling a remote authentication service to authenticate the authentication reference information so as to determine whether the verification end is trusted;
generating an authentication result based on the target key establishment mode in response to determining that the proving end is trusted;
and sending the authentication result to a proving end.
11. The method of claim 10, wherein generating an authentication result based on the target key establishment mode comprises:
if the target key establishment mode is the key negotiation mode or the key transmission mode,
randomly generating a second temporary private key and generating a second temporary public key based on the second temporary private key;
generating a master key based on the first temporary public key and the second temporary private key;
generating a session key based on the configuration information, the first temporary public key, the second temporary public key, and the master key;
for the key agreement mode, the data key is the session key and the encrypted data key is null; for the key transmission mode, randomly generating a data key and encrypting the data key based on the session key to obtain the encrypted data key;
signing the first temporary public key, the second temporary public key and the encrypted data key based on a long-term private key to obtain verification signature data;
obtaining the authentication result based on the second temporary public key, the verification signature data, the encrypted data key and the verification-side certificate;
if the target key establishment mode includes a public key distribution mode,
randomly generating a data key or acquiring a data key set by a user;
encrypting the data key based on a first temporary public key in the public-private key pair of the proving end to obtain an encrypted data key; the public and private key pairs of the proving end are randomly generated or recovered based on the existing file and the encryption algorithm;
signing the first temporary public key and the encrypted data key based on the verification terminal long-term private key to obtain verification signature data;
and obtaining the authentication result based on the verification signature data, the encryption data key and the verification end certificate.
12. A remote authentication apparatus, comprising:
a key module for providing a plurality of key establishment modes to a user, the plurality of key establishment modes including a key transmission mode, a key negotiation mode, and a public key distribution mode;
the configuration information module is used for acquiring the identity information of the verification terminal and a target key establishment mode set by a user based on the multiple key establishment modes, and generating configuration information based on the target key establishment mode and the identity information of the verification terminal;
a temporary public key module for generating a first temporary public key based on the target key establishment mode;
the authentication reference module is used for acquiring authentication reference information from a specified authentication file based on the first temporary public key, the first password hash of the verifier identity information and the configuration information; the authentication reference information is used for providing the authentication reference information to the verification terminal to authenticate whether the verification terminal is trusted or not;
an authentication request module for generating an authentication request based on the configuration information, the first cryptographic hash, the first temporary public key, and the authentication reference information;
and the receiving and transmitting module is used for sending the authentication request to the verification end and receiving an authentication result aiming at the authentication request from the verification end.
13. A remote authentication apparatus, comprising:
the receiving and transmitting module is used for receiving an authentication request from the proving end, wherein the authentication request comprises a first temporary public key from the proving end, authentication reference information, a first password hash of identity information of a verification side and configuration information; the authentication reference information is obtained from a specified authentication file based on the first temporary public key, the first password hash and the configuration information so as to authenticate whether the proving end is trusted or not; the configuration information comprises verification terminal identity information and a target key establishment mode set by a user based on a plurality of key establishment modes; the plurality of key establishment modes comprise a key transmission mode, a key negotiation mode and a public key distribution mode;
the analysis module is used for analyzing the authentication request;
the identity verification module is used for verifying the identity of the verification terminal based on the first password hash of the identity information of the verification terminal;
the remote authentication module is used for calling a remote authentication service to authenticate the authentication reference information in response to the successful identity confirmation of the verification end so as to determine whether the verification end is trusted or not;
the authentication result module is used for generating an authentication result based on the target key establishment mode in response to the fact that the proving end is trusted;
the receiving and transmitting module is also used for transmitting the authentication result to the proving end.
14. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any one of claims 1 to 11 when the program is executed.
15. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 11.
16. A computer program product comprising computer program instructions which, when run on a computer, cause the computer to perform the method of any of claims 1 to 11.
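The binding of claim 3 and the key negotiation branch of claims 6 and 11, as an added Python illustration that is not code from the patent: the verification end recomputes the second hash before deriving any key, so evidence relayed with a substituted first temporary public key is rejected. SHA-256, X25519, HKDF, zero padding to 64 bytes, the length-prefixed encoding and every function name are assumptions, `attested` stands in for the report field returned by the remote authentication service, and the signature and certificate checks of claims 4 and 5 are not covered.

```python
import hashlib
import hmac
import os

P = 2**255 - 19                      # X25519 field prime (RFC 7748)
BASE = (9).to_bytes(32, "little")    # X25519 base point

def x25519(scalar: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Variable-time, for illustration only."""
    kb = bytearray(scalar)
    kb[0] &= 248
    kb[31] = (kb[31] & 127) | 64
    k = int.from_bytes(kb, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def lp(*fields: bytes) -> bytes:
    """Length-prefix each field so the concatenation is unambiguous."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def report_data(config: bytes, pub1: bytes, id_hash: bytes) -> bytes:
    """Claim 3: second hash, extended to 64 bytes (zero padding is assumed)."""
    return hashlib.sha256(lp(config, pub1, id_hash)).digest().ljust(64, b"\0")

def session_key(master: bytes, pub1: bytes, pub2: bytes, config: bytes) -> bytes:
    """Claims 6 and 11: HKDF-SHA256 (RFC 5869, one output block; assumed KDF)."""
    info = lp(pub1, pub2, hashlib.sha256(config).digest())
    prk = hmac.new(b"\0" * 32, master, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()

def prover_request(config: bytes, verifier_id: bytes):
    """Proving end: first temporary key pair, request fields, data to attest."""
    priv1 = os.urandom(32)
    pub1, id_hash = x25519(priv1, BASE), hashlib.sha256(verifier_id).digest()
    req = {"config": config, "pub1": pub1, "id_hash": id_hash}
    return priv1, req, report_data(config, pub1, id_hash)

def verifier_respond(req: dict, attested: bytes, my_id: bytes):
    """Verification end, key negotiation mode. `attested` is the report data
    field from evidence the attestation service has already validated."""
    if not hmac.compare_digest(req["id_hash"], hashlib.sha256(my_id).digest()):
        raise ValueError("request addressed to another verification end")
    want = report_data(req["config"], req["pub1"], req["id_hash"])
    if not hmac.compare_digest(want, attested):
        raise ValueError("evidence is not bound to this request")
    priv2 = os.urandom(32)
    pub2, master = x25519(priv2, BASE), x25519(priv2, req["pub1"])
    if master == bytes(32):
        raise ValueError("low-order first temporary public key")
    return pub2, session_key(master, req["pub1"], pub2, req["config"])

def prover_finish(priv1: bytes, req: dict, pub2: bytes) -> bytes:
    """Proving end: same master key, hence the same data key."""
    return session_key(x25519(priv1, pub2), req["pub1"], pub2, req["config"])

def demo():
    """Constructed run: honest exchange, then a swapped first temporary key."""
    vid = b"verifier.example"                          # constructed identity
    config = b"mode=key_negotiation;verifier=" + vid   # constructed config
    priv1, req, attested = prover_request(config, vid)
    pub2, key_v = verifier_respond(req, attested, vid)
    key_p = prover_finish(priv1, req, pub2)
    relayed = dict(req, pub1=x25519(os.urandom(32), BASE))
    try:
        verifier_respond(relayed, attested, vid)
    except ValueError:
        return key_p == key_v, True
    return key_p == key_v, False

if __name__ == "__main__":
    print(demo())   # (keys agree, relayed request rejected)
```

Because the configuration hash and both temporary public keys feed the KDF, two ends that disagree on the configured mode or verifier identity derive different data keys even when the Diffie-Hellman output matches.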
CN202210823034.5A 2022-07-12 2022-07-12 Remote authentication method, device, apparatus, storage medium, and program product Pending CN117439746A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210823034.5A CN117439746A (en) 2022-07-12 2022-07-12 Remote authentication method, device, apparatus, storage medium, and program product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210823034.5A CN117439746A (en) 2022-07-12 2022-07-12 Remote authentication method, device, apparatus, storage medium, and program product

Publications (1)

Publication Number Publication Date
CN117439746A true CN117439746A (en) 2024-01-23

Family

ID=89554086

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210823034.5A Pending CN117439746A (en) 2022-07-12 2022-07-12 Remote authentication method, device, apparatus, storage medium, and program product

Country Status (1)

Country Link
CN (1) CN117439746A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination