Multi-KMC key recovery method

A key recovery technology, applied in the field of information security, that addresses the problems of KMC breach and key leakage, with the effect of ensuring security, simplifying complexity, and ensuring transmission security.

Inactive Publication Date: 2017-09-15
JINAN INSPUR HIGH TECH TECH DEV CO LTD

AI Technical Summary

Problems solved by technology

[0004] With the development of network attack technology, a single KMC can no longer meet the demand. A KMC may be compromised, creating a risk of key leakage. In addition, social engineering attacks and other attacks against insiders will also cause a KMC to be compromised.

Examples


Embodiment 1

[0042] A multi-KMC key recovery system, which includes a user encryption terminal, KMC and a third-party CA center;

[0043] The user encryption terminal is responsible for the generation of random numbers and keys, key division, and data packet signature verification, encryption and decryption operations;

[0044] The KMC is responsible for the preservation and restoration of the split key;

[0045] The third-party CA center is responsible for issuing digital certificates for each participant.

[0046] The multiple KMC key recovery method is realized through two parts: key backup and key recovery;

[0047] Key backup: the third-party CA center first issues a digital certificate to each participant. The user encryption terminal then generates a random number and, according to the set KMC threshold number, uses a threshold algorithm to split the key. Each split random number is signed, encrypted with the public key of each KMC, and uploaded to the KMC for key backup;

[004...

Embodiment 2

[0068] A multi-KMC key recovery system, which includes a user encryption terminal, KMC and a third-party CA center;

[0069] The user encryption terminal is responsible for the generation of random numbers and keys, key division, and data packet signature verification, encryption and decryption operations;

[0070] The KMC is responsible for the preservation and restoration of the split key;

[0071] The third-party CA center is responsible for issuing digital certificates for each participant.

[0072] For clarity of description, assume that in this embodiment the encryption key algorithm is the SM2 national secret algorithm, the SM3 national secret algorithm is used as the digest algorithm, SM3 with SM2 is used as the signature algorithm, and the digital certificate is in X.509 format. In addition, the m-of-n KMC threshold involved in key backup and recovery is (2,3), which means that there are 3 KMCs used to back up the key, and any 2 of them can restore ...


Abstract

The invention discloses a multi-KMC key recovery method. The method is realized through two parts: key backup and key recovery. Key backup comprises the following steps: a third-party CA center issues a digital certificate to each participant; a user encryption terminal generates random numbers; a threshold algorithm is used to split the key according to the set KMC threshold number; the split random numbers are signed, encrypted with the public key of each KMC, and uploaded to the KMC for key backup. Key recovery comprises the following steps: making a key request to the corresponding KMCs according to the KMC threshold number, and recovering the key from the user encryption terminal. The method has the following characteristics: 1) the strength of random number generation is guaranteed and the operation complexity is simplified; 2) even if some of the KMCs are breached, the key cannot be leaked, and even if some of the KMCs are destroyed, recovery of the backup key is still guaranteed; and 3) the security of the encryption key is guaranteed, as is the security of key transmission.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a multi-KMC key recovery method.

Background technique

[0002] In recent years, information security incidents have increased year by year, and people have paid more and more attention to network information security issues. Network security incidents are frequent. Cyber attacks have risen from personal incidents such as information leakage, fund theft, telecommunications fraud and phishing websites to security incidents across the whole of society, which will affect our lives, government services, social stability and even social security. In today's era of big data, managing and using big data well presupposes ensuring the security of big data. This requires a trusted computing environment, and the core of a trusted computing environment is ensuring that the participating parties' keys are safe.

[0003] In a trusted computing environment, th...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/08, H04L9/32
Inventor: 孙善宝, 于治楼, 李秀芳
Owner JINAN INSPUR HIGH TECH TECH DEV CO LTD