Inter-domain authentication and key negotiation method

Abstract

The invention relates to an inter-domain authentication and key negotiation method, which aims to solve the problems that the reliability of representative nodes of domains cannot be guaranteed and the efficiency of the key negotiation is low during the negotiation of a shared key in the prior art. A physical network for communication among nodes is converted into a logic network for inter-domain communication, and a shared key negotiation mechanism which takes the representative nodes in the domains as a center and in which ordinary nodes participate. The method comprises the following four steps of: a registering process, a communication process, a calculation process and the distribution of an intra-domain shared key, wherein in the register process, all nodes for the communication in the two domains register with a credible third party to acquire system public parameters and a node private key; in the communication process, the representative nodes of the domains calculate a temporary public key set of the domains by using the public parameters and send the temporary public key set to the opposite domain; in the calculation process, the representative nodes of the domains receive the temporary public key set sent by the opposite domain, and perform information interaction with all intra-domain ordinary nodes to calculate an inter-domain shared key; and in the distribution process of the intra-domain shared key, after acquiring the inter-domain shared key through calculation, the representative nodes distribute the inter-domain shared key to all intra-domain nodes, so that all nodes, which need to perform the communication, of the two domains acquire the shared key K.

Description

technical field [0001] The invention belongs to the technical field of network security, and relates to the security technology of mutual authentication and negotiation of shared keys between different domains in network communication. Based on attribute-based encryption mechanism, a method for authentication and establishment of shared key between two domains is proposed. Background technique [0002] In network communication, users in different domains often need to communicate. In order to ensure the safe exchange of information between users, it is necessary to perform identity authentication and establish a shared session key between the two communicating parties. In addition to the key exchange protocol based on the public key infrastructure (PKI) The key exchange protocol is also a commonly used method, which can realize the security requirement. [0003] The document "Two-Party Attribute-based Key Agreement Protocol in the Standard Model. International Symposium on...

AI Technical Summary

Problems solved by technology

[0004] Purpose of the present invention: In order to overcome the technical problem that the reliability of the representative node of the domain cannot be guaranteed and the key negotiation efficiency is low in the prior art when negotiating the shared key, the present invention proposes an inter-domain authentication and key negotiation method, In the process of negotiating the key, let ordinary nodes in the domain also participate in the negotiation process

Images