Multi-key negotiation method used between encryption and decryption services

Abstract

The invention discloses a multi-key negotiation method used between encryption and decryption services, and relates to the technical field of communication security. According to the multi-key negotiation method, a node A independently selects N secret keys to be used for encryption operation of data sent to a node B, secret key addressing ranges from 0 to N-1, and the node A is responsible for initiating a secret key negotiation process of the N secret keys to the node B; key re-negotiation periods of the N keys are set to be T which is less than a minimum key validity period of the N keys, and key negotiation of the ith key is initiated at an (i-1)*T / N moment; for any key addressed as i, key negotiation is initiated again after the moment T, 2T, 3T... when the key negotiation is initiated; and similarly, the B independently selects M secret keys for encryption operation of the data sent to the A, and the B is responsible for initiating a secret key negotiation process of the M secretkeys selected by the B to the A. The multi-key negotiation method is suitable for multi-key negotiation between centralized encryption and decryption services, and is an important improvement on theprior art.

Description

technical field [0001] The invention relates to the technical field of communication security, in particular to a multi-key negotiation method used for encryption and decryption services. Background technique [0002] Encryption and decryption are computationally intensive. In addition, encryption and decryption algorithms and keys also need to be regularly upgraded and updated to prevent possible cracking. In the existing technology, the method of providing encryption and decryption services in a centralized manner is usually adopted, such as using proprietary encryption and decryption equipment, equipped with key cards, etc., which can reduce the difficulty of deploying encryption and decryption algorithms and improve the confidentiality of encryption and decryption algorithms and keys . However, when centralized encryption and decryption services are used, the following problems exist: [0003] 1. The key negotiation between encryption and decryption services cannot dep...

AI Technical Summary

Problems solved by technology

[0003] 1. The key negotiation between encryption and decryption services cannot depend on the application, because the timing of sending data by the application calling the encryption and decryption service is uncontrollable;

[0004] 2. If a single key pair is used between two nodes, encryption and decryption services cannot be provided externally during key negotiation, which will cause interruption of communication among multiple applications using the service;

[0005] 3. There is a validity period for the key. Overdue use will increase the risk of the key being cracked or leaked. Therefore, the key must be renegotiated before the validity period ends.

And key renegotiation will also make it impossible to decrypt data that has been encrypted with the original key.

Images