Key distributing method and system using public key cryptographic technique

Abstract

The present invention relates to a key distribution method using public key cryptography and its system. The system includes a communication entity, a bearer device, a key distribution center and a database. The bearer device is used to carry or transfer the key distribution process and the public key For messages in the update process, the database stores whether each communication entity has registered for a confidential service; the database is connected to the key distribution center, the key distribution center is connected to the bearer device, and the bearer device is connected to each communication entity. The present invention is based on the TePA principle of ternary peer-to-peer authentication, and uses public key-cryptography technology to propose a key distribution system. The system not only securely distributes communication keys for each pair of entities, but also makes the keys have PFS attributes, reducing system The complexity of key management, and realizes the public key online update function of the trusted third party - the key distribution center.

Description

technical field [0001] The invention relates to a key distribution method and system using public key encryption technology. Background technique [0002] When secure communication is required between communication network entities, key management is one of the key technologies. Sharing a key per pair of users is possible in small networks, but is not feasible in larger networks. In a system with N users, in order to realize secure communication between any two users, N(N-1) / 2 keys need to be generated and distributed to ensure secure communication between any two users in the network. As the scale of the system increases, the complexity increases dramatically. For a network where N is 1000, about 500,000 keys are needed for distribution, storage, etc. In order to reduce complexity, a centralized key management method is usually adopted, which is implemented by a trusted online server as the key distribution center KDC (Key Distribution Center) or key transfer center KTC (...

AI Technical Summary

Problems solved by technology

[0005] Due to the participation of the key distribution center or key transfer center, each pair of entities can use a fresh communication key each time they communicate, but each user needs to save a shared key with the key distribution center or key transfer center. The secret management key is used for a long time, and for the key distribution center and the key transfer center, it not only needs to store a huge number of secret management keys, but also bears a large security risk, because once there is a problem, it will directly Threat to the security of the entire system, and none of the above-mentioned key distribution methods has the perfect forward secrecy PFS (Perfect Forward Secrecy) of the key

Images