Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Cross-domain key management method based on IBC and PKI

A key management and cross-domain technology, applied in the field of information security and key system, can solve the problems of lack of node users, waste of system construction cost and interaction time, etc., and achieve the effect of saving time and economic cost.

Inactive Publication Date: 2019-02-12
BEIJING CEC HUADA ELECTRONIC DESIGN CO LTD
View PDF7 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the mainstream solution to solve cross-domain authentication is to use public parameter service (PPS). PPS is responsible for publishing public parameters of different KGC domains. Node users need to access PPS in real time to complete cross-domain transactions, which requires a certain system construction cost and per transaction. times, and, in this way, the power of PPS is supreme, the attacker can forge an illegal domain out of thin air on the link, and the node user lacks a strong means to confirm whether the received parameters are legal, easy security risk

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cross-domain key management method based on IBC and PKI
  • Cross-domain key management method based on IBC and PKI
  • Cross-domain key management method based on IBC and PKI

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings. The implementations described in the following exemplary examples do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of approaches consistent with aspects of the disclosure as recited in the appended claims.

[0036] Such as figure 1 As shown, according to a cross-domain key management method based on the IBC and PKI hybrid system described in the embodiment of the present invention, in the hybrid system architecture, a PKI system is established on multiple IBC systems, and the IBC system is used to manage massive Node users and their authentication and interaction, the PKI system is used to manage the public parameter certificates and cross-domain authorization lists of the IBC system.

[0037] Such as figure 2 As shown, a cross-domain key manageme...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a cross-domain key management method based on IBC and PKI, the method takes respective advantages of two systems and solves a problem of mutual trust of KGC public parameters under a cross-domain environment. In the key management method, a plurality of independent KGC systems are built based on an IBC system, a CA system is built based on a PKI system, the CA system signs and issues a digital certificate for the public parameter of each KGC system, further generates a cross-domain authorization list for each KGC according to a cross-domain authority control strategy andissues the cross-domain authorization list to each node user through each KGC system. When cross-domain authentication is executed between the node users, ID of an opposite side and index informationof the KGC system, where the opposite side is, are exchanged, the public parameter is extracted from the cross-domain authorization list and an IBC related algorithm is used, thus, authentication andcommunication processes can be completed. With the method provided by the invention, time and economic cost caused by accessing to a PPS or other switching systems are saved, moreover, a flexible cross-domain authority control strategy is supported, so the method is very suitable for the emerging fields with massive node users, such as the Internet of Things and electronic currency.

Description

technical field [0001] The invention relates to information security and a key system, in particular to a cross-domain key management method based on a mixed system of IBC and PKI. Background technique [0002] The traditional PKI (Public Key Infrastructure) system is based on digital certificates to achieve identity authentication, which is widely used in encrypted mail, online banking, e-government and other fields. At present, the SM2 asymmetric encryption algorithm issued by the National Commercial Cryptography Administration is mainly used in China. . In the emerging Internet of Things, electronic currency and other fields, in the face of tens of millions of node users, there are strict requirements on the hardware deployment, load balancing, disaster recovery and other capabilities of the CA center server in the PKI system. In order to solve many problems in certificate management, the IBC (Identity-Based Cryptography) system has been more and more widely used, which ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/08H04L29/06
CPCH04L9/0825H04L9/0866H04L63/10
Inventor 王睿
Owner BEIJING CEC HUADA ELECTRONIC DESIGN CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products