Summary of the invention
The object of the present invention is to provide an authenticated key agreement and key update method, based on public key certificates, that is applicable between the interfaces of electronic devices.
To achieve this object, the invention provides an authenticated key agreement and key update method based on public key certificates for use between electronic device interfaces. The source device and the destination device taking part in the authenticated key agreement each select, according to the configuration information of their own interface, either a unidirectional or a bidirectional authentication mode, and generate a shared secret with the Diffie-Hellman key exchange. The consistency of the generated shared secret and the integrity of the messages are guaranteed with an HMAC keyed hash function.
Each of the unidirectional and bidirectional authentication modes comprises a full authentication and a re-authentication. In full authentication, where the source device and the destination device do not yet hold a shared key K_M, a signature is used to prove that the sender of a certificate really holds the private key corresponding to the public key in that certificate, and the legitimacy of the device is determined from this. In re-authentication, the legitimacy of the device is confirmed by the fact that it holds the shared key.
The bidirectional full authentication mode applies when the source device and the destination device, the two communicating parties, each hold a certificate list. It confirms that the authenticated party really holds the private key belonging to the certificate it sends, and so determines the identity of the authenticated party. While identities are being confirmed, the two parties exchange random values to generate a secret value that only they share, and the consistency and secrecy of that value can be confirmed.
When bidirectional full authentication is used for authentication and key agreement between the source device and the destination device, the mode is realised on an elliptic curve (F_q, E, G, n) by the following steps, where F_q is the finite field of characteristic q, E is an elliptic curve over F_q, G is a base point on E, and n is the order of G:
A) The source device generates a random number x with 1 < x < n, computes the scalar multiple xG, and sends its certificate list together with this scalar multiple: Cert_Source_list ‖ xG;
B) The destination device checks whether the source device certificate has been revoked and verifies the contents of each field of the certificates in the source device certificate list. It generates a random number y with 1 < y < n, computes the scalar multiple yG, and, using the HMAC keyed hash function Hash with the low |q| bits of xyG as the key, hashes ID_Source, the unique identifier in the source device certificate. It signs this hash value with the destination device's private key using the signature algorithm E_S and sends the following to the source device:
Cert_Des_list ‖ yG ‖ E_S{Hash([xyG]_lsb|q|, ID_Source)};
C) The source device checks whether the destination device certificate has been revoked and verifies the contents of each field of the certificates in the destination device certificate list. It computes the shared secret xyG, computes the hash value Hash([xyG]_lsb|q|, ID_Source), and verifies the received destination device signature against it. Using Hash with the high (|xyG| − |q|) bits of xyG as the key, it hashes ID_Des, the unique identifier in the destination device certificate, signs this hash value with the source device's private key using E_S, confirms that the destination device certificate has not been revoked, and sends the following to the destination device:
E_S{Hash([xyG]_msb|q|, ID_Des)}
The source device then uses Hash with xyG as the key to hash ID_Source ‖ xG ‖ ID_Des ‖ yG; the result is the shared key K_M of both parties, and the source device stores the pair <K_M, ID_Des>;
D) The destination device computes the hash value Hash([xyG]_msb|q|, ID_Des) and verifies the received source device signature against it. Having confirmed that the source device certificate has not been revoked, it uses Hash with xyG as the key to hash ID_Source ‖ xG ‖ ID_Des ‖ yG; the result is the shared key K_M of both parties, and the destination device stores the pair <K_M, ID_Source>.
The bidirectional re-authentication mode applies when the source device and the destination device, the two communicating parties, already hold a shared key K_M. It confirms that both parties really hold the same shared key and thereby verifies the identities of both communicating parties; at the same time, both parties generate a new shared key from the exchanged random numbers and the shared secret, completing the key update.
When bidirectional re-authentication is used between the source device and the destination device for authentication and key update, the steps are as follows:
A) The source device reads the unique holder identifier ID_Source from the source device certificate, generates a random number Rand_Source, and sends its unique identifier and this random number:
ID_Source ‖ Rand_Source;
B) The destination device checks the received ID_Source against the locally stored ID_Source. It generates a random number Rand_Des and, using the HMAC keyed hash function Hash with the high |K_M|/2 bits of the shared key K_M as the key, hashes ID_Source ‖ Rand_Source ‖ ID_Des ‖ Rand_Des to obtain Des_HashValue. It reads the certificate holder identifier ID_Des from the destination device certificate and sends its unique identifier, the random number and the hash value:
ID_Des ‖ Rand_Des ‖ Des_HashValue;
C) The source device checks the received ID_Des against the locally stored ID_Des and verifies the received hash value Des_HashValue. Using Hash with the low |K_M|/2 bits of the shared key K_M as the key, it hashes ID_Des ‖ Rand_Des to obtain Source_HashValue and sends this hash value to the destination device. It then uses Hash with the current shared key K_M as the key to hash Rand_Des ‖ Rand_Source, obtaining the new shared key:
K_M = Hash(K_M, Rand_Des ‖ Rand_Source);
D) The destination device verifies the received hash value Source_HashValue. If the verification succeeds, it uses Hash with the current shared key K_M as the key to hash Rand_Des ‖ Rand_Source, obtaining the new shared key:
K_M = Hash(K_M, Rand_Des ‖ Rand_Source).
The unidirectional full authentication mode applies when the authenticated party holds a certificate list. It confirms that the authenticated party really holds the private key belonging to the certificate it sends and so determines the identity of the authenticated party. While that identity is being confirmed, the two negotiating parties exchange random values to generate a shared secret that only they share, and the authenticating party can confirm the consistency of that value.
When unidirectional full authentication is used for authentication and key agreement between the source device and the destination device, it is realised on the elliptic curve (F_q, E, G, n) by the following steps:
A) The source device generates a random number x with 1 < x < n, computes the scalar multiple xG, and sends its unique identifier and the scalar multiple:
ID_Source ‖ xG;
B) The destination device generates a random number y with 1 < y < n, computes the scalar multiple yG and the shared secret xyG, and, using the HMAC keyed hash function Hash with the low |q| bits of xyG as the key, hashes ID_Source, the unique identifier in the source device certificate. It signs this hash value with the destination device's private key using the signature algorithm E_S and sends the following to the source device:
Cert_Des_list ‖ yG ‖ E_S{Hash([xyG]_lsb|q|, ID_Source)};
It then uses Hash with xyG as the key to hash ID_Source ‖ xG ‖ ID_Des ‖ yG; the result is the shared key K_M of both parties, and the destination device stores the pair <K_M, ID_Source>;
C) The source device checks whether the destination device certificate has been revoked and verifies the contents of each field of the certificates in the destination device certificate list. It computes the shared secret xyG and verifies the correctness of the received destination device signature. Using Hash with xyG as the key, it hashes ID_Source ‖ xG ‖ ID_Des ‖ yG; the result is the shared key K_M of both parties. Having confirmed that the destination device certificate has not been revoked, it stores the pair <K_M, ID_Des>.
The unidirectional re-authentication mode applies when the source device and the destination device, the two communicating parties, already hold a shared key K_M. The authenticating party confirms that the authenticated party really holds the same shared secret as itself; after the consistency of the shared secret has been confirmed, both parties update their shared key from the random number sent by the authenticating party, completing the key update. The identity of the authenticated party is confirmed through the binding of identity to the shared key, established by the authenticating party.
When unidirectional re-authentication is used between the source device and the destination device for authentication and key update, the steps are as follows:
A) The source device generates a random number Rand_Source and sends its unique identifier and this random number:
ID_Source ‖ Rand_Source;
B) The destination device checks the received ID_Source against the locally stored ID_Source. Using the HMAC keyed hash function Hash with the low |K_M|/2 bits of the shared key K_M as the key, it hashes ID_Source ‖ Rand_Source to obtain Uni_Des_HashValue. It reads the certificate holder identifier ID_Des from the destination device certificate and sends its unique identifier and the hash value:
ID_Des ‖ Uni_Des_HashValue;
It then uses Hash with K_M as the key to hash Rand_Source, obtaining the new shared key K_M;
C) The source device checks the received ID_Des against the locally stored ID_Des and verifies the hash value Uni_Des_HashValue. It then uses the HMAC keyed hash function Hash with K_M as the key to hash Rand_Source, obtaining the new shared key K_M.
Embodiment
When digital content is transferred between two consumer electronics devices, the interfaces of the two devices need to carry out authentication and key agreement, each selecting an appropriate authenticated key agreement mode according to its own configuration, so that the content is guaranteed to travel between two legitimate consumer electronics devices and the transferred content is effectively protected against interception or theft.
In the present invention the authenticated key agreement modes comprise unidirectional and bidirectional authentication modes. The unidirectional modes comprise unidirectional full authentication and unidirectional re-authentication; the bidirectional modes comprise bidirectional full authentication and bidirectional re-authentication.
Here, the two devices running an authenticated key agreement mode are called the source device and the destination device. The source device and the destination device run one of the authentication modes according to the configuration of both interfaces:
1) If the interface type is POD, HDMI or DVI, unidirectional authenticated key agreement and key update are performed.
2) If the interface type is IEEE 1394 or USB and both the source device and the destination device support bidirectional authentication, bidirectional authenticated key agreement and key update are performed.
3) If the interface type is IEEE 1394 or USB, the destination device supports only unidirectional authentication, and the policy configured on the source device allows unidirectional authentication, unidirectional authenticated key agreement and key update are performed.
4) For other interface types, the authentication mode to be performed is decided from the configuration policy of the source device, the authentication modes it supports, and the authentication modes supported by the destination device.
In general, once the source device has selected the unidirectional or bidirectional mode, it performs the unidirectional or bidirectional full authentication if no earlier shared key is stored locally, and the unidirectional or bidirectional re-authentication if an earlier shared key is stored locally.
The four authenticated key agreement modes of the present invention use the following:
1) The source device and the destination device taking part in an authenticated key agreement mode each store a certificate list locally, Cert_Source_list and Cert_Des_list respectively; the number of certificates in these lists is determined by the trust model of the application environment. Cert_Source_list contains at least the source device certificate Cert_Source, and Cert_Des_list contains at least the destination device certificate Cert_Des. The device certificates may follow the X.509 format specified by CCITT or some certificate format common to several interfaces, and must contain at least the unique certificate holder identifier, the public key information, the certificate issuer identifier, the certificate signature algorithm information and the certificate signature. The certificate information used in the authenticated key agreement modes consists of the certificate holder identifier ID_Source of the source device certificate and the unique certificate holder identifier ID_Des of the destination device certificate; other certificate-related operations are described in words.
2) The authenticated key agreement modes need a set of elliptic curve parameters, denoted (F_q, E, G, n), where F_q is the finite field of characteristic q, E is an elliptic curve over F_q, G is a base point on E, and n is the order of G.
3) The signature algorithm E_S{} in the authenticated key agreement modes denotes signing the content in { } with the device's unique private key. Any specific signature algorithm may be used, provided it is secure against adaptive chosen-message attacks. The HMAC keyed hash function Hash(key, content) denotes computing the hash value of content under the key key. Likewise, Hash may be any specific algorithm, provided it has the three properties of mixing (avalanche), collision resistance and preimage resistance.
4) In the authenticated key agreement modes the symbol |x| denotes the length of the data x, that is, the number of binary digits used when the data is written in binary; for example |2^192 − 1| = 192. The symbol [x]_lsb y denotes the y bits of the data x from the lowest bit (bit 0) up to bit y−1; the symbol [x]_msb y denotes the (|x| − y) bits of the data x from bit y up to the highest bit.
The authenticated key agreement and update method based on public key certificates between electronic device interfaces according to the present invention generates a shared secret with the Diffie-Hellman key exchange and guarantees the consistency of the generated shared secret and the integrity of the messages with the HMAC algorithm. In full authentication, a signature is used to prove that the sender of a certificate really holds the private key corresponding to the public key in that certificate, and the legitimacy of the device is determined from this; in re-authentication, the legitimacy of the device is confirmed by the fact that it holds the shared key. Here it is assumed that the decisional Diffie-Hellman problem on the elliptic curve is hard, that the signature algorithm used is secure against adaptive chosen-message attacks, and that the HMAC algorithm used has the three properties of mixing, collision resistance and preimage resistance. Under these assumptions it can be proved that the authenticated key agreement and update method of the present invention is secure with respect to secrecy and authentication.
After the source device and the destination device have determined an authenticated key agreement mode according to the configuration of their interfaces, they perform authentication and key exchange according to the content of the selected mode.
The four authenticated key agreement modes of the present invention are described in turn below. After the source device has selected bidirectional authentication, it performs bidirectional full authentication if no earlier shared key is stored locally.
(1) Bidirectional full authentication
When bidirectional full authentication is adopted between the source device and the destination device, it is realised on the elliptic curve (F_q, E, G, n) by the following steps, where F_q is the finite field of characteristic q, E is an elliptic curve over F_q, G is a base point on E, and n is the order of G.
As shown in Figure 1, bidirectional full authentication comprises the following steps:
1. The main program of the source device calls the bidirectional full authentication subroutine and sends the first message of bidirectional full authentication. This subroutine reads the source device certificate list Cert_Source_list, generates a random number x with 1 < x < n, computes the scalar multiple xG, and sends the message consisting of the source device certificate list and the scalar multiple xG:
Cert_Source_list ‖ xG
In practice the above message needs to be encapsulated before it is sent. The encapsulation of this message element should indicate the authentication type the message belongs to (0x01 for bidirectional full authentication); if several sessions may run simultaneously between the source device and the destination device, the encapsulation also carries a session sequence number.
2. The main program of the destination device hands the first message of bidirectional full authentication to the bidirectional full authentication subroutine of this device for processing. This protocol subroutine performs the following operations:
A) Check, through the certificate validity query resource of the destination device, whether the source device certificate Cert_Source has been revoked. If the destination device has no certificate validity query resource, it sends a notification message to the source device indicating that the destination device lacks the capability, and the bidirectional full mode is aborted.
In practice each interface assigns a specific sequence number to this notification message (for example 0x01 means that no certificate validity query resource exists) and encapsulates and sends it in the notification message format of that interface. The encapsulated information should be sufficient to identify the session in which the error occurred, for example by carrying part of the DH public key information of that session or its session sequence number, unless only a single session exists between the source device and the destination device.
B) Since the certificate validity check may take a long time, the subroutine performs the following operations in parallel with it:
i. Verify the information in each field of the certificates in the source device certificate list; which content is checked is determined by the standard of the certificate system. If the verification fails, send a notification message to the source device reporting certificate verification failure and abort this mode.
ii. Generate the random number y, compute the scalar multiple yG and the shared secret xyG, and compute Hash([xyG]_lsb|q|, ID_Source) with the HMAC keyed hash function Hash. Sign the computed hash value with the destination device's private key using the signature algorithm E_S{}, read the destination device certificate list Cert_Des_list, and send the message to the source device:
Cert_Des_list ‖ yG ‖ E_S{Hash([xyG]_lsb|q|, ID_Source)}
In practice the above message is encapsulated and then sent. The encapsulation of this protocol message must state the session and the authentication type the message belongs to.
3. The main program of the source device hands the second message of bidirectional full authentication to the bidirectional full authentication subroutine of this device for processing, and hands any notification message sent by the destination device to the notification message handling subroutine.
For the two classes of notification message sent by the destination device, "no validity query resource" and "certificate verification failure", the notification message handling subroutine of the source device terminates the session named in the notification and reclaims the system resources.
The bidirectional full authentication subroutine performs the following operations:
A) Check, through the certificate validity query resource of the source device, whether the destination device certificate Cert_Des has been revoked. If the source device has no certificate validity query resource, it sends a notification message to the destination device indicating that the source device lacks the capability, and bidirectional full authentication is aborted.
In practice each interface needs to assign a specific sequence number to this notification message (for example 0x01 means that no certificate validity query resource exists) and encapsulates and sends it in the notification message format of that interface; where required, the encapsulation can indicate the session in which the error occurred.
B) Since the certificate validity check may take a long time, the protocol subroutine performs the following operations in parallel with it:
i. Verify the information in each field of the certificates in the destination device certificate list; which content is checked is determined by the standard of the certificate system of each interface. If the verification fails, send a notification message to the destination device reporting certificate verification failure and abort bidirectional full authentication.
ii. Compute the shared secret xyG, compute Hash([xyG]_lsb|q|, ID_Source) with the HMAC keyed hash function Hash, and verify the validity of the signature in the received message. If the verification fails, send a notification message to the destination device reporting the error and abort bidirectional full authentication.
In practice each interface should assign a specific sequence number to this notification message (for example 0x02 means certificate verification failure) and encapsulate and send it in the notification message format of that interface; where required, the encapsulation can likewise indicate the session in which the error occurred.
iii. Using the Hash function with [xyG]_msb|q| as the key, hash ID_Des, the unique identifier in the destination device certificate, and sign this hash value with the source device's private key using the signature algorithm E_S{}:
E_S{Hash([xyG]_msb|q|, ID_Des)};
In practice the above signature is encapsulated; the encapsulation must state the session and the authentication type of the message.
iv. The source device uses the Hash function with xyG as the key to hash ID_Source ‖ xG ‖ ID_Des ‖ yG; the result is the shared key K_M of both parties:
K_M = Hash(xyG, ID_Source ‖ xG ‖ ID_Des ‖ yG);
v. Check the result of the certificate validity query of step A). If the destination device certificate is valid, store the pair <K_M, ID_Des> and send the signature message generated in step iii to the destination device; otherwise send a notification message and abort the protocol.
In practice each interface should assign a specific sequence number to this notification message (for example 0x04 means the certificate has been revoked) and encapsulate and send it in the notification message format of that interface; where required, the encapsulation can indicate the session in which the error occurred.
4. The main program of the destination device hands the message element of the third message of bidirectional full authentication to the bidirectional full authentication protocol subroutine of this device for processing, and hands any received notification message to the notification message handling subroutine of the destination device.
For the classes of notification message sent by the source device, "no validity query resource", "certificate verification failure", "signature message verification failure" and "certificate revoked", the notification message handling subroutine of the destination device terminates the session named in the notification and reclaims the system resources.
The bidirectional full authentication subroutine of the destination device performs the following operations:
A) Compute Hash([xyG]_msb|q|, ID_Des) with the HMAC keyed hash function Hash, read the public key from Cert_Source, and verify the signature in the received message. If the signature is invalid, send a notification message to the source device reporting the error and abort bidirectional full authentication.
In practice each interface assigns a specific sequence number to this notification message (for example 0x03 means protocol signature message verification failure) and encapsulates and sends it in the notification message format of that interface; the encapsulation indicates the session in which the error occurred.
B) Check the result of the Cert_Source validity query of step 2 A). If the query result shows that the source device certificate has been revoked, send a notification message to the source device reporting the error and abort bidirectional full authentication.
In practice each interface assigns a specific sequence number to this notification message (for example 0x04 means the certificate has been revoked) and encapsulates and sends it in the notification message format of that interface; the encapsulation can indicate the session in which the error occurred.
C) Compute the master key K_M with the Hash function as follows:
K_M = Hash(xyG, ID_Source ‖ xG ‖ ID_Des ‖ yG);
D) Store <K_M, ID_Source>.
5. On receiving a notification message from the destination device, the source device deletes the stored pair <K_M, ID_Des>.
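The following Python script is an added example, not the patent's own code: it runs the bidirectional full authentication above end to end with both devices in one process, and with mutual=False it runs the unidirectional full authentication of the summary (same first two messages, no third message). It fixes the parameters the patent leaves open: NIST P-256 for (F_q, E, G, n), HMAC-SHA256 for Hash, and a Schnorr-style signature over the same curve as the instance of E_S. xyG is serialised as x ‖ y, so [xyG]_lsb|q| is the y-coordinate and [xyG]_msb|q| the x-coordinate. Certificate lists, revocation queries and field checks are out of scope and are represented by the peer's public key taken as already validated; the on-curve check of the received xG and yG is a practitioner's addition, not a step of the patent.

```python
# Added example, not the patent's code. Assumed instantiation: NIST P-256 for (F_q, E, G, n),
# HMAC-SHA256 for Hash, a Schnorr-style signature over the same curve for E_S.
import hashlib, hmac, secrets

Q = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff   # field prime q
A, B = Q - 3, 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551   # order n of G
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
QBITS = 256  # |q|

def ec_add(p1, p2):
    """Affine point addition on E; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % Q == 0:
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    return (x3, (lam * (x1 - x3) - y1) % Q)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def on_curve(pt):
    """Practitioner's check (not a patent step): reject invalid received points."""
    return pt is not None and 0 <= pt[0] < Q and 0 <= pt[1] < Q and \
        (pt[1] ** 2 - pt[0] ** 3 - A * pt[0] - B) % Q == 0

def encode(pt):  # point as x ‖ y, 32 bytes each, so |xyG| = 512 bits
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def lsb(data, bits):  # [x]_lsb y: the low y bits (byte-aligned here)
    return data[len(data) - bits // 8:]

def msb(data, bits):  # [x]_msb y: the high |x| - y bits
    return data[:len(data) - bits // 8]

def Hash(key, content):  # the patent's Hash(key, content), as HMAC-SHA256
    return hmac.new(key, content, hashlib.sha256).digest()

def keygen(device_id):  # stand-in for a device certificate: (ID, private key, public key)
    d = secrets.randbelow(N - 1) + 1
    return {"id": device_id, "priv": d, "pub": ec_mul(d, G)}

def sign(d, msg):
    """E_S{msg}: Schnorr-style signature (R, s) with the device private key d."""
    k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    e = int.from_bytes(hashlib.sha256(encode(R) + encode(ec_mul(d, G)) + msg).digest(), "big") % N
    return R, (k + e * d) % N

def verify(pub, msg, sig):
    R, s = sig
    e = int.from_bytes(hashlib.sha256(encode(R) + encode(pub) + msg).digest(), "big") % N
    return on_curve(R) and ec_mul(s, G) == ec_add(R, ec_mul(e, pub))

def full_authentication(src, dst, mutual=True):
    """Two-way (mutual=True) or one-way full authentication between src and dst.
    Returns (K_M at source, K_M at destination) or None if a check fails. 'pub' stands for the
    public key taken from the peer's certificate list; revocation/field checks are assumed done."""
    # Message 1, source -> destination: Cert_Source_list ‖ xG (ID_Source ‖ xG in the one-way mode)
    x = secrets.randbelow(N - 2) + 2                       # 1 < x < n
    xG = ec_mul(x, G)
    if not on_curve(xG):
        return None
    y = secrets.randbelow(N - 2) + 2                       # 1 < y < n
    yG = ec_mul(y, G)
    xyG_dst = encode(ec_mul(y, xG))
    sig_dst = sign(dst["priv"], Hash(lsb(xyG_dst, QBITS), src["id"]))
    transcript = src["id"] + encode(xG) + dst["id"] + encode(yG)   # ID_Source ‖ xG ‖ ID_Des ‖ yG
    # Message 2, destination -> source: Cert_Des_list ‖ yG ‖ E_S{Hash([xyG]_lsb|q|, ID_Source)}
    if not on_curve(yG):
        return None
    xyG_src = encode(ec_mul(x, yG))
    if not verify(dst["pub"], Hash(lsb(xyG_src, QBITS), src["id"]), sig_dst):
        return None                                        # signature message verification failure
    K_M_src = Hash(xyG_src, transcript)                    # source stores <K_M, ID_Des>
    if not mutual:   # one-way mode: no third message, destination already derived K_M
        return K_M_src, Hash(xyG_dst, transcript)
    sig_src = sign(src["priv"], Hash(msb(xyG_src, QBITS), dst["id"]))
    # Message 3, source -> destination: E_S{Hash([xyG]_msb|q|, ID_Des)}
    if not verify(src["pub"], Hash(msb(xyG_dst, QBITS), dst["id"]), sig_src):
        return None
    return K_M_src, Hash(xyG_dst, transcript)              # destination stores <K_M, ID_Source>

if __name__ == "__main__":
    k_src, k_dst = full_authentication(keygen(b"ID_Source"), keygen(b"ID_Des"))
    print("two-way K_M agreed:", k_src == k_dst, k_src.hex())
```

Note how the two key-confirmation signatures are bound to the freshly derived xyG on opposite halves: the destination proves knowledge of its private key and of [xyG]_lsb|q|, the source of its private key and of [xyG]_msb|q|, and only then does either side derive K_M over the whole transcript ID_Source ‖ xG ‖ ID_Des ‖ yG. A peer whose signing key does not match the public key in its certificate fails at the verify() step and no K_M is stored.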
(2) two-way authentication again
After the source device has selected bidirectional authentication, it performs bidirectional re-authentication if an earlier shared key is stored locally. As shown in Figure 2, the concrete steps of this protocol are as follows:
1. The main program of the source device calls the bidirectional re-authentication subroutine and sends the first message of bidirectional re-authentication. This protocol subroutine reads the unique holder identifier ID_Source from the source device certificate, generates a random number Rand_Source of at least 64 bits, and sends the message:
ID_Source ‖ Rand_Source
In practice the above message needs to be encapsulated; the encapsulation of this message element must indicate the authentication type the message belongs to, and if several sessions may run simultaneously between the source device and the destination device, the encapsulation also carries a session sequence number.
2. The main program of the destination device hands the first message of bidirectional re-authentication to the bidirectional re-authentication subroutine of this device for processing. This protocol subroutine performs the following operations:
A) Compare the received ID_Source with the ID_Source in the locally stored <K_M, ID_Source>. If they differ, delete <K_M, ID_Source>, send a notification message to the source device, abort this run of bidirectional re-authentication, and request that bidirectional full authentication be performed.
In practice each interface should assign a specific sequence number to this notification message (for example 0x05 means the re-authentication certificate holder identifier does not match) and encapsulate and send it in the notification message format of that interface; where required, the encapsulation can indicate the session in which the error occurred.
B) If the received ID_Source is identical to the ID_Source in the locally stored <K_M, ID_Source>, read the certificate holder identifier ID_Des from the destination device certificate, generate a random number Rand_Des of at least 64 bits, and, using the HMAC keyed hash function Hash with the high |K_M|/2 bits of the shared key K_M as the key, hash ID_Source ‖ Rand_Source ‖ ID_Des ‖ Rand_Des to obtain the hash value Des_HashValue:
Hash([K_M]_msb|K_M|/2, ID_Source ‖ Rand_Source ‖ ID_Des ‖ Rand_Des)
C) Send the message:
ID_Des ‖ Rand_Des ‖ Des_HashValue.
In practice the message needs to be encapsulated; the encapsulation must state the session and the authentication type the message belongs to.
3. The main program of the source device hands the message element of the second message of bidirectional re-authentication to the bidirectional re-authentication subroutine of this device for processing, and hands any notification message sent by the destination device to the notification message handling subroutine.
For the notification message "re-authentication certificate holder identifier does not match" sent by the destination device, the notification message handling subroutine of the source device terminates the session named in the notification, reclaims the system resources, deletes <K_M, ID_Des>, and then performs bidirectional full authentication with this destination device.
The two-way authentication mode again that source device adopts has following steps:
A) store<K_M the ID_Des that is relatively received and this locality, ID_Des〉in ID_Des whether identical, if different, then store<K_M removing this locality, ID_Des 〉, send " the certificate of certification holder does not match again " notification message and give destination device, stop this session, recovery system resource, removing<K_M, ID_Des 〉, carry out two-way authentication fully with this destination device then.
B) if ID_Des that is received and local storage<K_M, ID_Des〉in ID_Des identical, then use HMAC key hash function Hash to calculate following Hash Value Local_Des_Hash Value:
Hash([K_M]
msb|K_M|/2,ID_Source‖Rand_Source‖ID_Des‖Rand_Des)
C) whether the HashValue that relatively receives is identical with the Local_Des_HashValue of calculating, different then remove local storage<K_M, ID_Des 〉, send " authenticating Hash Value does not again match " notification message and give destination device, stop this session, recovery system resource, removing<K_M, ID_Des 〉, carry out two-way authentication fully with this destination device then.
D) use the Hash function, to share the low of key K _ M | K_M|/2 bit is a key, and ID_Des ‖ Rand_Des is carried out hash, and calculating and sending send Hash Value Source_HashValue to give destination device:
Hash([K_M]
lsb|K_M|/2‖ID_Des‖Rand_Des)
In actual applications, need to send Hash Value Source_HashValue to destination device after the encapsulation.At this moment the protocol message unit only comprises this Hash Value.Want clear and definite message affiliated session sequence and auth type during encapsulation.
E) calculate new K_M, renewal<K_M, ID_Des〉in K_M.New K_M is calculated as follows:
K_M=Hash(K_M,Rand_Des‖Rand_Source)
4. The destination device main program hands the third message of bidirectional re-authentication to the device's bidirectional re-authentication protocol subprogram for processing, and hands received notification messages to the destination device's notification-message handling subprogram for execution.
The destination device's notification-message handling subprogram handles two classes of notification sent by the source device, "re-authentication certificate holder identifier mismatch" and "re-authentication hash value mismatch": it terminates the session named in the notification, reclaims system resources, and clears <K_M, ID_Source>.
The bidirectional re-authentication protocol subprogram of the destination device performs the following operations:
A) Compute the hash value Local_Source_HashValue with the HMAC keyed hash function Hash:
Hash([K_M]_lsb|K_M|/2, ID_Des ‖ Rand_Des)
B) Compare the received Source_HashValue with the computed Local_Source_HashValue. If they differ, send a "re-authentication hash value mismatch" notification to the source device, terminate the session, reclaim system resources, and clear <K_M, ID_Source>.
C) Compute the new K_M, update the K_M in <K_M, ID_Source>, and set the authenticated state. The new K_M is computed as:
K_M = Hash(K_M, Rand_Des ‖ Rand_Source)
5. After receiving a notification message from the destination device, the source device clears the data pair <K_M, ID_Des> and executes the bidirectional full authentication protocol.
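The bidirectional re-authentication exchange above, modelled end to end as an added example (not code from the patent): HMAC-SHA256 stands in for the HMAC function Hash, device identifiers and the initial K_M are constructed, and the destination's check of ID_Source on message 1 is assumed to mirror the unidirectional step. It also shows the failure mode the protocol's ordering implies: the source updates K_M in step E) before message 3 is confirmed, so a lost third message leaves the two stores out of step and the next re-authentication fails the hash check, which is exactly the case that falls back to full authentication.

```python
import hashlib
import hmac
import secrets

def Hash(key: bytes, content: bytes) -> bytes:
    """HMAC keyed hash function of the scheme; HMAC-SHA256 is assumed here."""
    return hmac.new(key, content, hashlib.sha256).digest()

def msb_half(k: bytes) -> bytes:
    return k[: len(k) // 2]          # [K_M]_msb|K_M|/2

def lsb_half(k: bytes) -> bytes:
    return k[len(k) // 2 :]          # [K_M]_lsb|K_M|/2

class Device:
    """Holds the stored pair <K_M, ID_peer> and the authenticated flag."""
    def __init__(self, ident: bytes, peer_ident: bytes, k_m: bytes):
        self.ident = ident
        self.store = {"K_M": k_m, "ID_peer": peer_ident}
        self.authenticated = False

def bidirectional_reauth(src: Device, dst: Device, deliver_msg3: bool = True) -> str:
    """Run one bidirectional re-authentication; returns "ok" or the notification raised."""
    # Message 1: ID_Source ‖ Rand_Source (64-bit random numbers, as the scheme requires)
    rand_src = secrets.token_bytes(8)
    # Destination: identifier check (assumed to mirror the unidirectional step 2 A)
    if dst.store is None or src.ident != dst.store["ID_peer"]:
        dst.store = None
        return "certificate holder identifier mismatch"
    rand_dst = secrets.token_bytes(8)
    content = src.ident + rand_src + dst.ident + rand_dst
    des_hash = Hash(msb_half(dst.store["K_M"]), content)
    # Message 2: ID_Des ‖ Rand_Des ‖ Des_HashValue; source steps A) to E)
    if src.store is None or dst.ident != src.store["ID_peer"]:
        src.store = None
        return "re-authentication certificate holder mismatch"
    local_des_hash = Hash(msb_half(src.store["K_M"]), content)
    if not hmac.compare_digest(des_hash, local_des_hash):
        src.store = None                  # caller then runs full authentication
        return "re-authentication hash value mismatch"
    source_hash = Hash(lsb_half(src.store["K_M"]), dst.ident + rand_dst)
    src.store["K_M"] = Hash(src.store["K_M"], rand_dst + rand_src)   # step E)
    src.authenticated = True
    if not deliver_msg3:
        return "message 3 lost"           # source has updated, destination has not
    # Message 3: Source_HashValue; destination steps A) to C)
    local_source_hash = Hash(lsb_half(dst.store["K_M"]), dst.ident + rand_dst)
    if not hmac.compare_digest(source_hash, local_source_hash):
        dst.store = None
        return "re-authentication hash value mismatch"
    dst.store["K_M"] = Hash(dst.store["K_M"], rand_dst + rand_src)   # step C)
    dst.authenticated = True
    return "ok"
```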
(3) Unidirectional full authentication
After the source device has chosen unilateral authentication, if no previously stored authentication key exists locally, it executes the unidirectional full authentication protocol. As shown in Figure 3, the concrete steps of this protocol are as follows:
1. Having decided to execute unidirectional full authentication, the source device main program calls the unidirectional full authentication protocol subprogram to send the first message of unidirectional full authentication. The protocol subprogram reads the certificate holder identifier ID_Source from the source device certificate, generates the random number x, computes the scalar multiplication xG, and sends the protocol message:
ID_Source ‖ xG
In practice, the above message must be encapsulated for transmission. The encapsulation of this protocol message unit must indicate the authentication type to which the message belongs, and if several sessions may run concurrently between the source device and the destination device, the encapsulation must also carry the session sequence number.
2. The destination device main program hands the first protocol message of unidirectional full authentication to the device's unidirectional full authentication subprogram for processing. This protocol subprogram performs the following operations:
A) Generate the random number y, compute yG, compute the shared secret xyG, compute Hash([xyG]_lsb|q|, ID_Source) with the HMAC keyed hash function Hash, sign the computed hash value, read the destination device certificate list, and send the protocol message:
Cert_Des_list ‖ yG ‖ E_S{Hash([xyG]_lsb|q|, ID_Source)}
In practice, the above message must be encapsulated for transmission, and the encapsulation must identify the session sequence number and authentication type to which the message belongs.
B) Using the Hash function with xyG as key, hash ID_Source ‖ xG ‖ ID_Des ‖ yG to compute the master key K_M as the shared key of both parties, and store <K_M, ID_Source>. K_M is computed as:
K_M = Hash(xyG, ID_Source ‖ xG ‖ ID_Des ‖ yG)
3. The source device main program hands the second protocol message of unidirectional full authentication to the device's unidirectional full authentication protocol subprogram for processing. This protocol subprogram performs the following operations:
A) Use the source device's certificate validity query resource to check whether the received certificate has been revoked. If the source device has no certificate validity query resource, send a "no certificate validity query resource" notification to the destination device, indicating that the source device lacks the capability, and stop executing unilateral authentication.
In practice, the encapsulation of the notification produced in step a) above must indicate the session sequence number in which the error occurred.
B) Because the certificate validity check may take a long time, the protocol subprogram performs the following operations in parallel with it:
i. Verify the information in each field of every certificate in the destination device certificate list; the specific content to verify is determined by the certificate system specification of each interface. If verification fails, send a "certificate verification failure" notification to the destination device and terminate protocol execution.
In practice, the encapsulation of the notification produced in item i of step b) above must indicate the session sequence number in which the error occurred.
ii. Compute the shared secret xyG, compute Hash([xyG]_lsb|q|, ID_Source) with the HMAC keyed hash function Hash, and verify the signature in the received message with the public key read from Cert_Des. If verification fails, send a "protocol signature message verification failure" notification to the destination device to report the error, and terminate protocol execution.
In practice, the encapsulation of the notification produced in item ii of step b) above must indicate the session sequence number in which the error occurred.
iii. Using Hash with xyG as key, hash ID_Source ‖ xG ‖ ID_Des ‖ yG to compute the master key K_M as the shared key of both parties:
K_M = Hash(xyG, ID_Source ‖ xG ‖ ID_Des ‖ yG)
iv. Check the validity query result of step a). If the certificate is valid, store <K_M, ID_Des>; otherwise send a "certificate revoked" notification and terminate program execution.
In practice, the encapsulation of the notification produced in item iv of step b) above must indicate the session sequence number in which the error occurred.
4. The destination device main program hands received notification messages to the notification-message handling subprogram for execution.
The destination device's notification-message handling subprogram handles the notifications sent by the source device, "no validity query resource", "certificate verification failure", "signature message verification failure" and "certificate revoked": it terminates the session named in the notification and reclaims system resources.
(4) Unidirectional re-authentication
After the source device has chosen unilateral authentication, if a previously stored authentication key exists locally, it executes the unidirectional re-authentication mode. As shown in Figure 4, the concrete steps of this protocol are as follows:
1. The source device main program calls the unidirectional re-authentication subprogram to send the first message. This subprogram reads the unique holder identifier ID_Source from the source device certificate, generates a random number Rand_Source of no fewer than 64 bits, and sends the message:
ID_Source ‖ Rand_Source
In practice, the above message must be encapsulated. The encapsulation of this message unit must indicate the authentication type to which the message belongs, and if several sessions may run concurrently between the source device and the destination device, the encapsulation must also carry the session sequence number.
2. The destination device main program hands the first message of unidirectional re-authentication to the device's unidirectional re-authentication subprogram for processing. This protocol subprogram performs the following operations:
A) Compare the received ID_Source with the ID_Source in the locally stored <K_M, ID_Source>. If they differ, clear <K_M, ID_Source>, send a "certificate holder identifier mismatch" notification to the source device, and stop this execution of unidirectional re-authentication.
In practice, the encapsulation of the notification in step a) above must indicate the session sequence number in which the error occurred.
B) If the received ID_Source matches the ID_Source in the locally stored <K_M, ID_Source>, use the HMAC keyed hash function Hash with the low |K_M|/2 bits of the shared key K_M as key to hash ID_Source ‖ Rand_Source, computing the hash value Uni_Des_HashValue:
Hash([K_M]_lsb|K_M|/2, ID_Source ‖ Rand_Source)
C) Read the certificate holder identifier ID_Des from the destination device certificate and send the message:
ID_Des ‖ Uni_Des_HashValue
In practice, the above message must be encapsulated, and the encapsulation must identify the session sequence number and authentication type to which the message belongs.
D) Compute the new K_M and update the K_M in <K_M, ID_Source>. The new K_M is computed as:
K_M = Hash(K_M, Rand_Source)
3. The source device main program hands the second message of unidirectional re-authentication to the device's unidirectional re-authentication subprogram for processing, and hands notification messages sent by the destination device to the notification-message handling subprogram for execution.
The source device's notification-message handling subprogram handles the "re-authentication certificate holder identifier mismatch" notification sent by the destination device: it terminates the session named in the notification, reclaims system resources, clears the data pair <K_M, ID_Des>, and then executes unidirectional full authentication with that destination device.
The unidirectional re-authentication subprogram of the source device performs the following steps:
A) Compare the received ID_Des with the ID_Des in the locally stored data pair <K_M, ID_Des>. If they differ, clear the locally stored <K_M, ID_Des>, send a "re-authentication certificate holder mismatch" notification to the destination device, terminate the session, reclaim system resources, and then execute unidirectional full authentication with that destination device.
B) If the received ID_Des matches the ID_Des in the locally stored <K_M, ID_Des>, compute the hash value Uni_Local_Des_HashValue with the HMAC keyed hash function Hash:
Hash([K_M]_lsb|K_M|/2, ID_Source ‖ Rand_Source)
C) Compare the received Uni_Des_HashValue with the computed Uni_Local_Des_HashValue. If they differ, clear the locally stored <K_M, ID_Des>, send a "re-authentication hash value mismatch" notification to the destination device, terminate the session, reclaim system resources, and then execute unidirectional full authentication with that destination device.
D) Compute the new K_M, update the K_M in <K_M, ID_Des>, and set the authenticated state. The new K_M is computed as:
K_M = Hash(K_M, Rand_Source)
4. The destination device main program hands received notification messages to the destination device's notification-message handling subprogram for execution.
The destination device's notification-message handling subprogram handles two classes of notification sent by the source device, "re-authentication certificate holder identifier mismatch" and "re-authentication hash value mismatch": it terminates the session named in the notification, reclaims system resources, and clears <K_M, ID_Source>.
Compared with the prior art, the present invention has the following beneficial effects: it takes the multiple interfaces of consumer electronics into account and provides a PKI-based authentication and key agreement scheme. Provided the underlying algorithms are secure, the scheme has provable authentication properties together with secrecy and consistency of the authentication key. The scheme also reduces the number of messages and the computational cost, and so is more efficient.
The above authentication and key agreement mode of the present invention can be realized in the form of a protocol and applied to the source device and destination device taking part in authentication and key agreement.
A concrete application of the above authentication and key agreement protocol of the present invention is described below.
Suppose that source device A and destination device B perform authentication and key agreement and key update. Device A locally stores the certificate list: the device certificate Cert_A, the certificate Cert_A_Adm of the authority that issued device A's certificate, and the certificate Cert_Root of the authority that issued Cert_A_Adm. Device B locally stores the certificate list: the device certificate Cert_B, the certificate Cert_B_Adm of the authority that issued device B's certificate, and the certificate Cert_Root of the authority that issued Cert_B_Adm. Device A and device B have agreed on a set of algorithms and public parameters, comprising the signature algorithm ECCDSA, the HMAC algorithm HMAC-SHA(key, content), and the public elliptic curve parameters (F_q, E, G, n), with |q| = 192 and |K_M| = 256; elliptic curve scalar multiplication is written xG, yG, and so on.
On interfaces such as DVI, HDMI or POD-Host, device A and device B execute unidirectional authentication and key agreement and key update before transmitting data. If device A finds no locally stored shared key, it executes unidirectional full authentication. Device A generates a random number 1 < x < n and sends device A's unique identifier ID_A and xG to device B; following the steps prescribed for unidirectional full authentication, device B sends Cert_B, Cert_B_Adm, yG and the signed hash value ECCDSA{HMAC-SHA([xyG]_lsb192, ID_A)} to device A, and computes the authentication key K_M as prescribed; device A checks the received message and completes the authentication of device B; on success it computes K_M and sets the authenticated state, otherwise it sends a notification message to device B reporting the error.
If, when executing authentication and key agreement and key update on interfaces such as DVI, HDMI or POD-Host, device A and device B find that a shared key is stored locally, they execute re-authentication. Device A generates the 64-bit random number Rand_A and sends device A's unique identifier ID_A and Rand_A to device B; device B uses the stored key K_M to compute the HMAC hash value of ID_A ‖ Rand_A and sends device B's unique identifier ID_B and the hash value to device A; device A verifies the correctness of the hash value, thereby confirming whether device B holds the same shared key, and if so updates that key.
When device A and device B transmit data over interfaces that may support bidirectional authentication and key agreement and key update, such as IEEE 1394 or USB, device B submits its authentication capability to device A, and device A preferentially chooses to execute bidirectional authentication and key agreement and key update. If device A has no locally stored shared key, or the destination device's authentication capability shows that it has no stored shared key, bidirectional full authentication is executed. Device A sends Cert_A, Cert_A_Adm and the computed xG to device B; following the steps of bidirectional full authentication, device B sends Cert_B, Cert_B_Adm, yG and a signature message to device A, where the signed content is the hash value obtained by applying HMAC-SHA to ID_Source with part of xyG as key; device A verifies the received message, completes the authentication of device B, sends its signature message to device B, sets the authenticated state, and computes and stores the shared key. Device B checks the received signature message together with the message received in the first step, completes the authentication of device A, sets the authenticated state, and computes and stores the shared key.
After device A and device B have chosen to execute bidirectional authentication and key agreement and key update, if the destination device stores a shared key and the source device also stores a shared key, bidirectional re-authentication is executed. Device A sends device A's unique identifier ID_A and Rand_A to device B; the destination device sends ID_Des, Rand_Des and a hash value computed with HMAC-SHA, whose key is part of the locally stored K_M and whose hashed content comprises the identifier and random number of device A and the identifier and random number of device B. By verifying the hash value, device A confirms that device B and device A hold the same shared key; device A then computes and sends a new hash value to device B as prescribed, sets the authenticated state, and updates and stores the shared key. By verifying that hash value, device B confirms that device A and device B hold the same shared key; device B then sets the authenticated state and updates the shared key.