Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and nodes for controlling network security

A network security, node technology, applied in the field of information security, can solve the problem of CA's private key security and other issues

Active Publication Date: 2012-11-21
BEIJING WATCH DATA SYST
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, if the corresponding security measures are not adopted when the nodes in the network quit, then, when the number of quit nodes exceeds a certain number, if the subkeys of these quit nodes are combined, it is possible to restore the CA’s Private key, which will make the CA's private key face security issues

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and nodes for controlling network security
  • Method and nodes for controlling network security
  • Method and nodes for controlling network security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] In the embodiment of the present invention, the network adopts a fully distributed authentication method, wherein, in the network, each node is peer-to-peer, and can freely exit or join the network. In the fully distributed authentication method, the CA master key The public key PK in CA Inform all nodes in the network that the private key SK in the CA master key CA Through the Shamir polynomial threshold encryption scheme, each node can obtain SK CA A part of the key, that is, each node has the same key as SK CA A corresponding first subkey, and each node generates a public-private key pair pk for itself i / sk i . Each node has a node certificate generated by CA, and each node has a copy of all other node certificates in the network.

[0021] Among them, the Shamir polynomial threshold encryption scheme is as follows:

[0022] There are n nodes in the network, the threshold value of the Shamir polynomial threshold encryption scheme is the first threshold t, and a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and nodes for controlling network security and aims to improve the security of a network. In the network, a private key of a digital certificate authority (CA) is shared by each node through a Shamir polynomial threshold cryptography scheme, so that each node acquires a sub-key corresponding to the private key of the CA. The method comprises the following steps of: when the nodes acquire a disengage application request, updating the recorded number of exit nodes; comparing the updated number of the exit nodes with a threshold and updating the sub-key of each node which is still in the network and corresponds to the private key of the CA by increasing the threshold in the Shamir polynomial threshold cryptography scheme if the updated number of the exit nodes is more than or equal to the threshold; and further updating the sub-key of each node which is still in the network and corresponds to the private key of the CA through a zero-share confusion schemeif the updated number of the exit nodes is less than the threshold.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a network security control method and node. Background technique [0002] In the network, a very important security issue is to ensure the private key of the digital certification center (Certificate Authority, CA), because once the CA is compromised, the private key of the CA is obtained by the attacker, and the attacker can use the Private keys are used to issue wrong digital certificates, thereby impersonating legitimate nodes in the network or canceling digital certificates of legitimate nodes, resulting in a complete loss of network security. [0003] At present, a fully distributed authentication method is adopted in a network where all nodes are in peer status. In this authentication method, the public key PK in the CA master key CA Inform all nodes in the network that the private key SK in the CA master key CA Through the Shamir polynomial threshold encrypt...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/32
Inventor 郑强
Owner BEIJING WATCH DATA SYST