Authentication and key negotiation method and device, and storage medium

Abstract

The invention discloses an authentication and key negotiation method and device and a storage medium, and the method comprises the steps: a key management device configures a seed key set for a terminal device, and periodically updates the current effective seed keys of the terminal device and an authentication device; the terminal equipment initiates identity authentication to the authentication equipment, the terminal equipment and the authentication equipment generate derived passwords based on the current effective seed key and a preset association factor respectively, and identity authentication is carried out by sending challenge codes to each other and encrypting and verifying the challenge codes of the opposite side according to the respective derived passwords. According to the technical scheme provided by the invention, a one-time derived password can be generated by adopting a non-interaction mode through association factors based on time or events, identity verification is carried out through the derived password, a seed key is transmitted through a post quantum password, and meanwhile, the seed key is periodically updated, so that the security characteristic that the key is irrelevant in the forward and backward directions is realized, and the security of the key is improved. And quantum safety is realized.

Description

technical field [0001] The present invention relates to the technical field of communication security, and in particular, to an authentication and key agreement method, device and storage medium. Background technique [0002] In traditional authentication technologies, identity authentication and key exchange are based on two methods, one based on symmetric cryptography and the other based on asymmetric cryptography. There are many models for the authentication methods of symmetric cryptography, mainly including the challenge-response model, the computer network authorization protocol (Kerboros) model, and the Needham-Schroeder model. The symmetric cryptographic algorithms correspond to the SM1 algorithm, the SM4 algorithm, and the Advanced Encryption Standard (AES) algorithm. The authentication methods of asymmetric cryptography include certificate public key model and identification public key model. The asymmetric key algorithms involved include RSA algorithm, ECC algori...

AI Technical Summary

Problems solved by technology

[0004] 1. The challenge-response model in symmetric cryptography needs to preset a shared seed key, and there is an N-square problem in any end-to-end negotiation;

[0005] 2. In symmetric cryptography, a trusted third-party Key Distribution Center (Key Distribute Center, KDC) is used to realize identity authentication and key exchange and solve the N square problem, but the three-party negotiation process is complicated and requires an online environment, and the network system Security needs to rely on the security of KDC;

[0006] 3. Once the pre-set seed key for sharing in the symmetric cipher is set, it will be used for a long time and will not be updated in rotation during the period. Once the data related to the seed key is stolen, network security will also be at risk;

[0007] 4. The asymmetric encryption method relies on the one-way trapdoor function in mathematical problems, and these mathematical problems can be cracked by the superposition and entanglement effects of qubits in quantum computing, so quantum security cannot be guaranteed

Images