Method for automatically updating identification private key and password system

A technology for automatically updating identification private keys. It is applied in the field of information security and addresses problems such as the inability to obtain an updated identification private key when the required condition is not satisfied.

Active Publication Date: 2017-02-22
WUHAN UNIV OF TECH

AI Technical Summary

Problems solved by technology

However, the problem with the solution in 201410058689.3 is that when the cryptographic module obtains the private key from the identity key service system, the user's currently valid private key must be directly usable, so that the cryptographic module can use it to obtain an updated identification private key. In practical applications, this condition may not be well satisfied. For example, if the user's identification private key is stored in portable cryptographic hardware (such as a USB Key), the user may not use the cryptographic hardware for a long time, so the cryptographic module cannot use the user's currently valid identification private key to obtain an updated identification private key. Alternatively, the user's identification private key is stored in a local key store on the user's computer after being protected (encrypted) with a PIN code (Personal Identification Number) or a password; if the user does not use the key store for a long time, or does not enter the protection PIN code or password, the cryptographic module cannot obtain the user's currently valid private key to obtain the updated private key.



Examples


Embodiment 1

[0045] As shown in Figure 1, in this embodiment the user's cryptographic module is a software cryptographic module (such as a CSP dynamic library based on the Windows CryptoSPI interface, or a PKCS#11 dynamic library based on the PKCS#11 interface). The user's identification private key is stored in a key store local to the user's computer. In the key store, the identity private key (series) corresponding to an identity of a user is stored after being encrypted with a symmetric key (this symmetric key is called the identity private key encryption key), and this identity private key encryption key is in turn stored in the key store after being encrypted with (a key derived from) the user's password or PIN code. After the user enters the password or PIN code, the cryptographic module or the background detection program can obtain the identity private key encryption key through decryption, and then use this identity private key t...

Embodiment 2

[0053] As shown in Figure 2, the difference between Embodiment 2 and Embodiment 1 is that the cryptographic module here is a combination of software and hardware, in which the hardware part (such as a USB Key) stores the user's identification private key and uses it to perform cryptographic operations (such as data decryption and digital signature). Only after the user inserts the cryptographic hardware into the computer and enters the protection password (PIN code) of the cryptographic hardware or of the identification private key can programs call the software part (cryptographic interface) of the cryptographic module to perform cryptographic operations with the identification private key in the cryptographic hardware. Here, the software part of the cryptographic module provides the call interface (cryptographic interface) between the cryptographic hardware and the application program, and the cryptographic ...


Abstract

The invention relates to a method for automatically updating an identification private key and to a cryptographic system. The method comprises the following steps: when a cryptographic module or a background detection program detects that a new identification private key needs to be obtained for a user, it uses a security credential stored locally on the user's computer to apply to an identification key service system for the new identification private key; after the identification key service system verifies the validity of the security credential, it generates the new identification private key for the user, encrypts the generated updated identification private key with the identification public key corresponding to the time period preceding the time period of the updated identification private key, and then returns the encrypted updated identification private key to the cryptographic module or the background detection program to be stored locally; and if the cryptographic module or the background detection program finds that an encrypted updated identification private key is stored locally on the user's computer and that a user identification private key for decrypting it is available, it decrypts the encrypted updated identification private key using that private key of the user to obtain the updated identification private key.
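The update flow in the abstract, as an added example that is not code from the patent or its authors. Real IBC encrypts to the identity public key with pairing-based cryptography; as an assumption, an HMAC-derived per-period key and a toy keystream-plus-HMAC wrap stand in for it here, and `KeyService`, `unlock_chain` and all sample values are hypothetical and constructed.

```python
import hashlib
import hmac

def _keystream(key, n):
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def wrap(key, data):
    # Toy keystream + HMAC wrap: a stand-in for IBC encryption, not a real cipher.
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unwrap(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key for this encrypted update")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

class KeyService:
    """Hypothetical identification key service system (PKG)."""
    def __init__(self, master, credentials):
        self.master, self.credentials = master, credentials

    def private_key(self, identity, period):
        # Stand-in for IBC key extraction from the master secret.
        return hmac.new(self.master, f"{identity}|{period}".encode(), hashlib.sha256).digest()

    def request_update(self, identity, credential, period):
        expected = self.credentials.get(identity)
        if expected is None or not hmac.compare_digest(expected, credential):
            raise PermissionError("invalid security credential")
        # The new key is readable only by the holder of the previous period's key.
        prev = self.private_key(identity, period - 1)
        return wrap(prev, self.private_key(identity, period))

def unlock_chain(known_period, known_key, stored):
    """Decrypt stored updates in period order, starting from one usable key."""
    keys, p = {known_period: known_key}, known_period + 1
    while p in stored:
        keys[p] = unwrap(keys[p - 1], stored[p])
        p += 1
    return keys

def demo():
    who, cred = "alice@example.com", b"constructed-credential"
    svc = KeyService(b"constructed-master-secret", {who: cred})
    # Background program fetches updates for periods 2-4 while the user is away.
    stored = {p: svc.request_update(who, cred, p) for p in (2, 3, 4)}
    # The user returns and unlocks only the period-1 key; the chain yields the rest.
    return svc, unlock_chain(1, svc.private_key(who, 1), stored)
```

The stored security credential only lets the background program fetch ciphertext; a missing update for one period stops the chain at that point.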

Description

Technical field

[0001] The invention belongs to the field of information security, and in particular relates to a method for automatically updating an identification private key and to a cryptographic system.

Background technique

[0002] Identity-Based Cryptography (IBC) is a public key cryptosystem. In an identity-based cryptographic system, an identity of a user, such as an email address or a mobile phone number, is a public key, called an identity public key (or IBC public key), which can be used for data encryption and/or signature verification (in fact, it is the user identity combined with a set of system public parameters that forms the public key). The user identity corresponds to a private key, called the identity private key (or IBC private key), which can be used for data decryption and/or digital signature. The user's identity private key is calculated and generated by an identity key service system (private key generator, Private Key Generator, PKG) based on the user's identity...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L9/32
CPC: H04L9/083, H04L9/0891, H04L9/321
Inventor: 龙毅宏
Owner: WUHAN UNIV OF TECH