Session key negotiation method and intelligent secret key device

A session key negotiation technology for smart key devices, applied in the field of information security, that addresses leakage of the authentication private key and reduced session key security.

Active Publication Date: 2016-06-01
FEITIAN TECHNOLOGIES

AI Technical Summary

Problems solved by technology

[0003] The existing method for negotiating a session key has the following defects: the host computer and the smart key device use only one pair of fixed keys (authentication public key and authentication private key) to negotiate a session key, the negotiation mode is simple, and after a malicious program steals the fixed key, the

Examples

Embodiment 1

[0081] This embodiment provides a method for negotiating a session key, described with the smart key device as the operating party. As shown in Figure 1, it includes the following steps:

[0082] Step 201: The smart key device receives the third APDU instruction from the host computer and returns the negotiation public key in the negotiation key pair saved by itself to the host computer; it then receives the fourth APDU instruction from the host computer and returns the signature result saved by itself to the host computer.

[0083] Optionally, step 201 can also be: the smart key device first receives the fourth APDU instruction from the host computer and returns the signature result saved by itself to the host computer; it then receives the third APDU instruction from the host computer and returns the negotiation public key in the negotiation key pair saved by itself to the host computer.

[0084] Specifica...

Embodiment 2

[0165] This embodiment provides a working method of a session key negotiation system, applied to a system composed of a host computer, a smart key device, a production tool, and a key storage device. As shown in Figure 2 and Figure 3, it includes the following steps:

[0166] Step 101: The smart key device generates a negotiated key pair, and receives the first APDU instruction from the production tool.

[0167] In this embodiment, step 101 is specifically: the smart key device automatically generates a negotiated key pair when it is powered on, and receives the first APDU instruction from the production tool;

[0168] Alternatively, the smart key device is powered on, and generates a negotiated key pair after receiving the first APDU instruction from the production tool.

[0169] Specifically, the first APDU instruction is an APDU instruction for reading the negotiated public key.

[0170] For example, the first APDU instruction is specifically:

[0171] ...

Embodiment 3

[0285] This embodiment provides a working method of a session key negotiation system, applied to a system composed of a host computer, a smart key device, and a production tool.

[0286] In this embodiment, steps 103 to 108 of Embodiment 2 are replaced by steps C11 and C12, and the other steps are the same as in Embodiment 2: the steps before step C11 are the same as the steps before step 103 in Embodiment 2, and the steps after step C12 are the same as the steps after step 108 in Embodiment 2, so they are not repeated here.

[0287] Specifically, steps C11 and C12 are as follows:

[0288] Step C11: The production tool performs a hash operation on the negotiated public key to generate a first operation result, and pads the first operation result to generate first padding data.

[0289] Specifically: the first operation result is the first hash value.

[0290] For example, the filling format of ...

Abstract

The invention discloses a session key negotiation method and a smart key device, and belongs to the field of information security. The method includes the following steps: the smart key device receives a third APDU instruction from a host computer and returns the negotiation public key to the host computer; it receives a fourth APDU instruction from the host computer and returns a signature result to the host computer; it receives a fifth APDU instruction from the host computer, parses the fifth APDU instruction to obtain encrypted data, and decrypts the encrypted data with the negotiation private key to obtain second padding data; it then judges whether the padding format of the second padding data is a preset padding format. If so, it extracts data of a preset length from a preset position of the second padding data as the session key and returns a success response to the host computer; otherwise it returns abnormal information to the host computer. The session key generated by the method has strong resistance to attack. Once the information transmitted between the host computer and the smart key device is encrypted with the session key, it is difficult for malicious programs to intercept.
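The fifth-APDU handling described in the abstract, sketched as an added Python example (not code from the patent). The page does not give the padding format, so the layout `00 02 || non-zero filler || 00 || key`, the 16-byte key length, textbook RSA over constructed toy primes, and the `0x6A80` error status are all assumptions made for illustration.

```python
import secrets

# Constructed toy RSA "negotiation key pair" (two Mersenne primes).
# Illustration only: far too small for real use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # negotiation private exponent
K = (N.bit_length() + 7) // 8        # block size in bytes (30)
KEY_LEN = 16                         # assumed preset session key length
SW_OK, SW_ERROR = 0x9000, 0x6A80     # ISO 7816 status words; error choice assumed


def host_build_encrypted_data(session_key: bytes) -> bytes:
    """Host side: pad the session key, encrypt with the negotiation public key."""
    ps_len = K - 3 - len(session_key)
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))  # non-zero filler
    block = b"\x00\x02" + ps + b"\x00" + session_key
    return pow(int.from_bytes(block, "big"), E, N).to_bytes(K, "big")


def device_handle_fifth_apdu(encrypted: bytes):
    """Device side: decrypt, check the padding format, extract the session key."""
    if len(encrypted) != K or int.from_bytes(encrypted, "big") >= N:
        return SW_ERROR, None
    # Decrypt with the negotiation private key to get the "second padding data".
    block = pow(int.from_bytes(encrypted, "big"), D, N).to_bytes(K, "big")
    ps = block[2:K - KEY_LEN - 1]
    well_formed = (
        block[:2] == b"\x00\x02"          # assumed header bytes
        and 0 not in ps                    # filler must be non-zero
        and block[K - KEY_LEN - 1] == 0    # separator before the key
    )
    if not well_formed:
        return SW_ERROR, None              # same status for every failure
    # Preset position: the last KEY_LEN bytes of the block.
    return SW_OK, block[K - KEY_LEN:]
```

Every failure path returns the same status word, so the response does not reveal which check rejected the data.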

Description

Technical field

[0001] The invention belongs to the field of information security, and in particular relates to a method for negotiating a session key and an intelligent key device.

Background technique

[0002] With the rapid development of electronic information technology, network communication through the Internet (such as network transactions, system login, etc.) Information. In order to prevent information from being illegally intercepted, the two communicating parties first generate a session key through negotiation, and encrypt the transmitted information with the session key. Most of the methods for negotiating session keys in the prior art are to generate a session key through negotiation between the authentication private key in the smart key device and the authentication public key in the host computer, and use the session key for ciphertext communication.

[0003] The existing method for negotiating a session key has the following defects: the upper computer a...

Application Information

IPC(8): H04L9/32, H04L9/08
CPC: H04L9/0844, H04L9/3249
Inventor: 陆舟, 于华章
Owner: FEITIAN TECHNOLOGIES