CN100589375C - A Mapping Method of ID and Key - Google Patents

Abstract

The present invention provides a method for mapping IDs and keys. The method is applied to an ID-based combined key management system. In the system, a key factor matrix has been generated. The method includes: according to the fixed-length binary ID or The length value of the fixed-length binary identifier converted from the non-fixed-length binary identifier checks the size of the key factor matrix; calculates the corresponding row and column group of the key factor in the key factor matrix according to the fixed-length binary identifier , to locate the key factor; use the key factor corresponding to the row label group and the column label group to calculate the key corresponding to the fixed-length binary identifier. The invention simplifies the mapping method from the identification to the key. The mapping method of the invention is simple, efficient and easy to implement, and can realize the non-conflict mapping from the identification to the key for identifications such as IPv4 and IPv6.

Description

A Mapping Method of ID and Key

technical field

The present invention relates to the technical field of combination key management, in particular to the technical field of identification-based combination key management, and specifically relates to a method for mapping an identification and a key.

Background technique

The security of modern cryptography is based on key secrecy rather than algorithm secrecy, so key management and protection has become the key to information secrecy. The binding between the key and the key owner's identity is one of the most important contents of modern network security research. At present, there are two ways to bind the key and the key owner's identity. One is to generate the key owner's identity through the key. CGA (Cryptographically Generated Address) is a typical representative of this method; the other way The key corresponding to the identity is determined through the identity, that is, the identity-based cryptosystem. In 1984, Shamir proposed an identity-based signature idea. In 2001, Don Boneh and Matthew Franklin proposed an identity-based key management system based on Weil pairing based on Shamir's idea. The combined public key (CPK) cryptosystem is also an identity-based key management system, which can directly calculate the other party's public key according to the identity of the communicating party. In the CPK system, it is a key issue to realize the mapping from the identity to the key. In the general public key system, the public key of each user is directly published, and as many public keys as there are users, but in the combined public key technology, the public key of each user is not directly published, but only the public key is published. The key factor matrix, and the public key of each user is calculated through the public key factor matrix and related identifiers.

In the identity-based combined key management system, literature ([1] Nan Xianghao, Chen Zhong; Introduction to Network Security Technology; Beijing, National Defense Industry Press, 2003.7; [2] Tang Wen, Nan Xianghao, Chen Zhong; The combined public key technology based on the elliptic curve key system; Computer Engineering and Application, 2003, No. 21) gives the mapping algorithm from the identifier to the key as follows:

The first is to calculate the row index:

Given a row key RowKey, it is a public constant in the system. First, through a HASH function (such as MD5, SHA-1, etc.), the variable-length identification ID is transformed into a fixed-length variable Data1.

That is, HASH(ID)=Data1;

Then, the intermediate variable Data1 is used as data by an encryption algorithm (such as AES), and MAP ₀ is obtained after being encrypted with the row key RowKey; MAP ₀ is used as data, and MAP ₁ is obtained after being encrypted with the key RowKey; similarly until the obtained up to the required MAP value. For the sake of illustration, the size of the key factor matrix is assumed to be 32×32. but

AES _RowKey (Data1) = MAP ₀ ;

AES _RowKey (MAP0)= _MAP1 ;

Then, the 16 bytes of MAP ₀ are respectively molded by M (M=32 in this example), and 16 row labels smaller than M are obtained, represented by MAP[0]～MAP[15]. The 16 bytes of MAP ₁ After modulo M of each section, 16 line labels smaller than M are obtained, represented by MAP[16]～MAP[31];

MAP ₀ [i] mod M = MAP [i] (i = 0, 1..., 15);

MAP ₁ [i] mod M = MAP [i] (i = 16, 17..., 31);

So far, 32 row labels have been obtained, which are used for 32 selections of rows.

After calculating the row labels, calculate the column labels:

In order to avoid the sequential use of the column labels, the replacement algorithm PMT of the column variables is set, and the result is a full arrangement of (0, 1, 2, ..., 31). The calculation method is as follows.

First calculate the key PMT_KEY used by the PMT algorithm;

AES _ColKey (ID) = PMT_KEY, ColKey is a public constant in the system.

Use PMT _{PMT_KEY} (original sequence)=PERMUT; the original sequence is the natural sequence of 0, 1, ... 31. PERMUT is the new permutation.

The above-mentioned method is a general mapping method for various types of identifiers, which is computationally intensive and complex, and may have mapping conflicts. In the existing solutions, there is no specific mapping algorithm for specific identifiers such as IPv4 and IPv6 addresses, but in actual scenarios, such identifiers are widely used.

Contents of the invention

In view of the above-mentioned problems in the prior art, the present invention provides a method for mapping IDs and keys, which simplifies the calculation of mapping from IDs to keys. Conflict-free mapping of keys.

The present invention provides a mapping method of ID and key applied in ID-based combined key management system, in which the key factor matrix has been generated, and the method includes the following steps: step 1, according to the fixed-length binary The length value of the fixed-length binary identifier converted from the identifier or the non-fixed-length binary identifier checks the size of the key factor matrix, and the size of the key factor matrix is expressed as M×2 ⁿ ; wherein, it includes: the fixed-length binary identifier The factorization of the length value is carried out according to the formula, and the expression of the formula is: S=M×r+k; among them, S: the length value of the fixed-length binary identifier; M: the row number of the key factor matrix; 2 ⁿ : the encryption The number of columns of the key factor matrix; k≥0 and k<M; S, M, k, r, and n are all integers; judge whether the size of the key factor matrix is appropriate according to the result of factorization; if the judgment result is appropriate, then Execute step 2; step 2, calculate the key factor corresponding row group and column group in the key factor matrix according to the fixed-length binary identification; wherein, including: calculating the column corresponding to the fixed-length binary identification All the row labels of the key factor matrix are replaced to obtain the row label group corresponding to the fixed-length binary identifier; step 3, using the key factor calculation corresponding to the row label group and the column label group The key corresponding to the fixed-length binary identifier. The step 1 also includes: if the judgment result is inappropriate, regenerating the key factor matrix.

Judging whether the size of the key factor matrix is appropriate refers to: judging whether r is greater than n; if the judgment result is r≤n<S, then the size of the key factor matrix is appropriate; if the judgment result is r>n, the encryption The size of the key factor matrix is inappropriate; among them, S: the length value of the fixed-length binary identifier; n and r are both integers.

The calculation of the column label group corresponding to the fixed-length binary identifier includes: judging whether k<n-r is established;

If the judgment result is yes, calculate the column index group C _i (ID) according to the formula, the expression of the formula is: C _i (ID)=[ID>>(i×r)]&(2 ⁿ -1), i=0...M-1; Among them, >> means circular shift operation, and ID is the fixed-length binary identifier;

If the judgment result is no, calculate the column index group C _i (ID) according to the formula, and the formula expression is:

C _i (ID)=[ID>>(i×r)]&(2 ⁿ -1), i=0...M-[k-(nr)]-1, and

C _i (ID)={ID>>[i×(r+1)]}&(2 ⁿ -1), i=M-[k-(nr)]...M-1;

Wherein, >> represents a circular shift operation, ID is the fixed-length binary identifier; M, k, n, r, i are integers.

The calculation of the column label group corresponding to the fixed-length binary identifier includes: calculating the column label group C _i (ID) according to the formula, and the formula expression is: C _i (ID)={ID>>[i×(r+ 1)]}&(2 ⁿ -1), i=0...M-1; wherein, >> represents a circular shift operation; ID is a fixed-length binary identifier; n, r, and i are integers.

The calculation of the column label group corresponding to the fixed-length binary identifier includes: calculating the column label group C _i (ID) according to the formula, and the formula expression is: C _i (ID)=[ID>>(i×r') ]&( ²ⁿ -1), i=0...M-1;

Among them, >> means circular shift operation, S>r'>r, r' is not a factor of S, ID is a fixed-length binary identifier; S is the length value of a fixed-length binary identifier; r, r', n, i are integer.

The replacement of all the row labels of the key factor matrix includes: directly selecting a data sequence as a row label group, and the data sequence is: 0, 1, ..., M-1, where M is a password The number of rows of the key factor matrix.

The replacement of all the row labels of the key factor matrix includes: storing the data sequence in sequence, in reverse order, or in random order in the array R[i], the data sequence is: 0, 1, ... ..., M-1; where i=0, 1, ..., M-1; M is the number of rows of the key factor matrix.

The replacement of all row labels of the key factor matrix also includes the steps of:

Step 11, set i=0;

Step 12, judging whether ID mod(M-i)<M-i-1 is established;

Step 13, if the judgment result of step 12 is yes, then R[ID mod (M-i)] and R[M-i-1] exchange position; If the judgment result of step 12 is no, then execute step 14;

Step 14, setting i=i+1, judging whether i is equal to M-2;

Step 15, if the judgment result of step 14 is no, then repeat step 12 to step 15; if the judgment result of step 14 is yes, then the replacement ends, and the array R[i] after the above-mentioned steps is stored is (0 ... a permutation of M-1).

The replacement of all row labels of the key factor matrix also includes the steps of:

Step 21, set i=0;

Step 22, judging whether ID mod(M-i)≠0 is established;

Step 23, if the judgment result of step 22 is yes, then R[(ID mod (M-i))+i] and R[i] exchange position; If the judgment result of step 22 is no, then execute step 24;

Step 24, setting i=i+1, judging whether i is equal to M-2;

Step 25, if the judgment result of step 24 is no, then repeat step 22 to step 25; if the judgment result of step 24 is yes, then the replacement ends, and the array R[i] after the above-mentioned steps is stored is (0 ... a permutation of M-1).

The present invention also provides a method for mapping IDs and keys, which is applied to an ID-based combined key management system. In the system, a key factor matrix has been generated. The method includes steps: Step 1, according to the defined The length value of the long binary identifier or the fixed-length binary identifier converted from the non-fixed-length binary identifier checks the size of the key factor matrix, and the size of the key factor matrix is expressed as 2 ^m × N; wherein, it includes: The factorization of the length value of the identification is carried out according to the formula, and the expression of the formula is: S=N×r+k; among them, S: the length value of the fixed-length binary identification; 2 ^m : the number of rows of the key factor matrix; N : The number of columns of the key factor matrix; k≥0 and k<N; S, N, k, r, m are integers; judge whether the size of the key factor matrix is appropriate according to the result of factorization; if the judgment result is appropriate, Then perform step 2; step 2, calculate the key factor in the key factor matrix corresponding row label group and column label group according to described fixed-length binary identification; Wherein, comprise: calculate and described fixed-length binary identification corresponding row mark group; all column marks of the key factor matrix are replaced to obtain the column mark group corresponding to the fixed-length binary identifier; step 3, using the key factor calculation and The key corresponding to the fixed-length binary identifier.

The step 1 also includes: if the judgment result is inappropriate, regenerating the key factor matrix.

Judging whether the size of the key factor matrix is appropriate refers to: judging whether r is greater than m; if the judgment result is r≤m<S, then the size of the key factor matrix is appropriate; if the judgment result is r>m, then the encryption The size of the key factor matrix is inappropriate; among them, S: the length value of the fixed-length binary identifier; m and r are integers.

The calculation of the row label group corresponding to the fixed-length binary identifier includes: judging whether k<m-r holds true;

If the judgment result is yes, then calculate the line label group C _i (ID) according to the formula, the expression of the formula is: C _i (ID)=[ID>>(i×r)]&(2 ^m -1), i=0...N-1;

If the judgment result is no, calculate the line label group C _i (ID) according to the formula, and the formula expression is:

C _i (ID)=[ID>>(i×r)]&(2 ^m -1), i=0...N-[k-(mr)]-1, and

C _i (ID)={ID>>[i×(r+1)]}&(2 ^m -1), i=N-[k-(mr)]...N-1;

Wherein, >> represents a circular shift operation, and ID is the fixed-length binary identifier; N, k, r, m, and i are integers.

The calculation of the line label group corresponding to the fixed-length binary identifier includes: calculating the line label group C _i (ID) according to the formula, and the formula expression is: C _i (ID)={ID>>[i×(r+ 1)]}&(2 ^m -1), i=0...N-1; Among them, >> means circular shift operation, ID is the fixed-length binary identifier; N, r, m, i are integer.

The calculation of the line label group corresponding to the fixed-length binary identifier includes: calculating the line label group C _i (ID) according to the formula, and the formula expression is: C _i (ID)=[ID>>(i×r') ]&(2 ^m -1), i=0...N-1; Among them, >> means cyclic shift operation, S>r'>r, r' is not a factor of S, ID is the fixed length Binary identifier; r', r, m, i are integers.

The replacement of all column labels of the key factor matrix includes: directly selecting a data sequence as a column label group, and the data sequence is: 0, 1, ..., N-1, where N is a password The number of columns of the key factor matrix.

The replacement of all column labels of the key factor matrix includes: storing the data sequence in sequence, in reverse order, or in random order in the array R[i], the data sequence is: 0, 1, ... ..., N-1; where i=0, 1, ..., N-1; N is the number of columns of the key factor matrix.

The replacement of all column labels of the key factor matrix also includes the steps of:

Step 31, setting i=0;

Step 32, judging whether ID mod(N-i)＜N-i-1 is established;

Step 33, if the judgment result of step 32 is yes, then R[ID mod (N-i)] and R[N-i-1] exchange position; If the judgment result of step 32 is no, then execute step 34;

Step 34, setting i=i+1, judging whether i is equal to N-2;

Step 35, if the judgment result of step 34 is no, then repeat step 32 to step 35; If the judgment result of step 34 is yes, then the replacement ends, and the array R[i] after the above-mentioned steps is stored is (0 ... a permutation of M-1).

The replacement of all column labels of the key factor matrix also includes the steps of:

Step 41, setting i=0;

Step 42, judging whether ID mod(N-i)≠0 is established;

Step 43, if the judgment result of step 42 is yes, then R[(ID mod (N-i))+i] and R[i] exchange position; If the judgment result of step 42 is no, then execute step 44;

Step 44, setting i=i+1, judging whether i is equal to N-2;

Step 45, if the judgment result of step 44 is no, then repeat step 42 to step 45; If the judgment result of step 44 is yes, then the replacement ends, and the array R[i] after the above-mentioned steps is stored is (0 ... a permutation of M-1).

The step 3 includes: selecting the key factor corresponding to the row label group and the column label group from the key factor matrix; using the key factor to calculate the key corresponding to the fixed-length binary identifier.

计算公钥PK_ID；其中，p和g为离散对数密码系统的参数，p是素数，g是有限域Fp生成元，g小于p，R_i为行标，C_i为列标，S[R_i，C_i]为与标识对应的私钥因子。In the discrete logarithm cryptosystem, the key is calculated according to the formula using the key factor; where, according to the formula Calculate the private key SK _ID ; according to the formula

Calculate the public key PK _ID ; Wherein, p and g are the parameters of the discrete logarithm cryptosystem, p is a prime number, g is a finite field Fp generator, g is less than p, R _i is a row mark, C _i is a column mark, S[ R _i , C _i ] are private key factors corresponding to the identity.

计算私钥SK_ID；按照公式SK_ID＝SK_ID×G计算公钥PK_ID；其中，n和G为椭圆曲线密码系统的参数，G是椭圆曲线E(Fp)上的基点，n是素数，n是基点G的阶，R_i为行标，C_i为列标，S[R_i，C_i]为与标识对应的私钥因子。In the elliptic curve cryptosystem, the key is calculated according to the formula using the key factor; where, according to the formula

Calculate the private key SK _ID ; Calculate the public key PK _ID according to the formula SK _ID =SK _ID ×G; Wherein, n and G are the parameters of the elliptic curve cryptosystem, and G is the base point on the elliptic curve E (Fp), and n is a prime number, n is the order of the base point G, R _i is the row label, C _i is the column label, and S[R _i , C _i ] is the private key factor corresponding to the identity.

The non-fixed-length binary identifier is converted into a fixed-length binary identifier by using a hash function or a message authentication code function.

The beneficial effect of the invention is that the mapping calculation from the identifier to the key is simplified, the mapping algorithm is simple and efficient, and the non-conflict mapping from the identifier to the key can be realized for the identifier with particularity.

Description of drawings

Fig. 1A and Fig. 1 B are the schematic diagrams of public key factor matrix and private key factor matrix of the present invention respectively;

Fig. 2 is a method flowchart of an embodiment of the present invention;

Fig. 3 is a method flowchart of an embodiment of the present invention;

Fig. 4 is a method flowchart of an embodiment of the present invention;

Fig. 5 is a flowchart of a method according to another embodiment of the present invention.

Detailed ways

The present invention will be described in detail below in conjunction with the accompanying drawings.

The present invention provides a method for mapping IDs and keys, which is applied to an ID-based combined key management system. In the system, a key factor matrix has been generated. The method includes: according to the fixed-length binary ID or The length value of the fixed-length binary identifier converted from the non-fixed-length binary identifier checks the size of the key factor matrix; calculates the corresponding row and column group of the key factor in the key factor matrix according to the fixed-length binary identifier , to locate the key factor; use the key factor corresponding to the row label group and the column label group to calculate the key corresponding to the fixed-length binary identifier.

Wherein, described mark can be the mark that has certain particularity like IPv4, IPv6 address this class, for such mark as IPv4, IPv6 address, its particularity is that mark itself is the binary mark of S bit (bit); For the original logo which is composed of letters, numbers and other mixed elements, a fixed-length binary logo can be generated through hash (HASH) or encryption algorithm first, and then the corresponding mapping calculation can be carried out. Among them, the variable-length logo is transformed into The method for a fixed-length value can use a message authentication code (MAC: Message Authentication Code) function or a common HASH algorithm.

In a word, for any kind of identification, the binding between the key and the key owner's identification can be realized through the identification and key mapping method provided by the present invention.

In an embodiment of the present invention, the key factor matrix includes a public key factor matrix and a private key factor matrix, the key includes a public key and a private key, and the key factor includes a public key factor and a private key factor. Moreover, when implementing the mapping method of the present invention, a key factor matrix with a size of M×N has been generated in the system, where N=2 ⁿ , M=2 ^m . The factor matrix of public and private keys is the basis of the identity-based combined key management system. The private key is calculated by selecting a private key factor in each row (or column) according to a certain mapping rule in the private key factor matrix through corresponding operations; correspondingly, the public key is calculated in the public key factor matrix according to a certain mapping rule Select a public key factor in each row (or column) and calculate it through corresponding operations. Let the private key factor matrix be SKM=[S _ij ], where i=0...M-1, j=0...N-1; if a private key is selected from each row of the private key factor matrix If the key factor is calculated, N is limited, and N=2 ⁿ is required, and n is a positive integer; if the private key is calculated by selecting a private key factor from each column in the private key factor matrix, then M is limited, requiring M=2 ^m , m is a positive integer.

Whether the public-private key factor is selected by row or by column, its calculation is similar. The only difference is:

If it is selected by row, first calculate the column label group; then replace all the row labels, that is, the obtained row label is a kind of full arrangement of all row labels;

If it is selected by column, first calculate the row label group; then replace all the column labels, that is, the obtained column label group is a kind of full arrangement of all column labels.

The present invention will be described in detail below in conjunction with the accompanying drawings.

Embodiment one

In this embodiment, the public-private key factor is selected by row as an example for introduction.

FIG. 1A and FIG. 1B are schematic diagrams of a private key factor matrix and a public key factor matrix, respectively. As shown in the figure, the private key factor matrix is SKM=[S _ij ], where i=0...M-1, j=0...N-1; the corresponding public key factor matrix is PKM=[P _ij ], where i=0...M-1, j=0...N-1.

In the elliptic curve cryptosystem, suppose G is the base point of an elliptic curve, then P _ij =S _ij ×G, that is, PKM=SKM×G.

In the discrete logarithm cryptosystem, T={g, p}, where p is a prime number, g is a finite field Fp generator, and g is less than p, then

Usually, the size of the key factor matrix is related to the security of the system, and is also related to the scale of the system (that is, the number of users), and the length of the identification determines the maximum number of users in the system.

Below, this embodiment will be described in conjunction with FIGS. 2 to 4. In the flowcharts of FIGS. N=2 ⁿ , M=2 ^m . The mapping method of the present invention is divided into three processes: the verification process of the key factor matrix, the calculation process of the row label group and the column label group, and the calculation process of the key.

It should be noted that the mapping method of the present invention can be applied to fixed-length binary identifiers with S bits like IPv4 and IPv6 addresses and identifiers that are composed of mixed elements such as letters and numbers.

Therefore, for a system that uses a general identifier similar to a DNS domain name, as shown in Figure 2, before the key factor matrix is checked, the general identifier needs to be converted into a fixed-length binary identifier and used directly as the following process fixed-length binary identifier (see step S101).

For being marked as the fixed-length binary sign of S bit, as shown in Figure 4, it can be directly used as the fixed-length binary sign (seeing step S301) used in the following process.

In addition, as shown in FIG. 3 , a part of the fixed-length binary identifier may also be selected as the fixed-length binary identifier used in the following process (see step S201 ). For example: if the scope managed by the key generation center is a subnet of IPv6, and its subnet prefix is n bits, then the system can only consider the 128-n bit interface identification part to determine the key factor matrix Size and mapping between IDs and keys. Similarly, for a system that uses a general identifier similar to a DNS domain name, when converting the general identifier into a fixed-length identifier, only the hash (HASH) function or the message authentication code (MAC: Message) may be used according to the scale of the system. Authentication Code) function to calculate a part of the value of the mapping calculation.

1. The verification process of the key factor matrix

The verification process of the key factor matrix is to verify the size of the key factor matrix according to the length value of the fixed-length binary identifier or the fixed-length binary identifier converted from the non-fixed-length binary identifier.

Checking the size of the key factor matrix involves:

Carry out factorization to the length value of fixed-length binary identification; Judging whether the size of key factor matrix is suitable according to the result of factorization; If the result of described judging step is yes, then carry out the calculation process of row label group and column label group . If the result of the judging step is no, regenerate the key factor matrix.

As shown in Figure 2, Figure 3 and Figure 4, the verification process of the key factor matrix is as follows:

The length value of the fixed-length binary identifier is factorized according to S=M×r+k, wherein k≥0 and k<M (see step S102); if r≤n<S, then the key factor matrix is available (see step S103); if r>n, then the key factor matrix is too small, and the key factor matrix needs to be regenerated (see step S109), wherein M is the number of rows of the key factor matrix, and S is the length of the fixed-length binary identifier value, k is 0 or a positive integer, r and n are positive integers.

Give a special example to illustrate: the fixed-length S bit binary identifier in the system is expressed as: S=M×r (take k=0 at this time), and it is still assumed that the public and private keys are in the public and private key factor matrix according to a certain mapping The rule selects a public-private key factor in each row and calculates it through corresponding operations, then the size of the key factor matrix can be M×2 ⁿ ', n'≥n. For example, in a system identified by an IPv6 address, the IPv6 address is 128 bits, 128=32×4, and the size of the key factor matrix can be taken as 32×2 ⁴ .

2. Calculation process of row mark group and column mark group

In order to calculate the public-private key corresponding to an identifier, it is necessary to find out the key factor for calculating the public-private key. To locate the key factor, it is necessary to calculate the corresponding row and column group of the key factor in the key factor matrix according to the identifier. .

First, calculate the column label group.

In the process of checking the above-mentioned key factor matrix, the length value of the fixed-length binary identification ID has been factorized according to S=M×r+k, where k≥0 and k<M, and M is the key factor matrix The number of lines, S is the length value of the fixed-length binary identifier. Because the verification process of the above-mentioned key factor matrix has been passed, r≤n<S in this formula.

The following provides three methods for calculating the column label group through the fixed-length binary ID.

the first method

As shown in Figure 2, the calculation process is as follows:

If k<nr, then calculate the index group C _i (ID)=[ID>>(i×r)]&(2 ⁿ -1), i=0...M-1; where, >> means cycle Shift operation (see steps S104, S105);

If k≥nr, calculate the index group C _i (ID) according to the following formula (see step S110):

C _i (ID)=[ID>>(i×r)]&(2 ⁿ -1), i=0...M-[k-(nr)]-1,

C _i (ID)={ID>>[i×(r+1)]}&(2 ⁿ -1), i=M-[k-(nr)]...M-1

Among them, >> represents a circular shift operation.

The second method

As shown in FIG. 3, the column label group C _i (ID) is calculated according to the following formula (see step S205):

C _i (ID)={ID>>[i×(r+1)]}&(2 ⁿ -1), i=0...M-1

Among them, >> represents a circular shift operation.

third method

As shown in Figure 4, the column label group C _i (ID) is calculated according to the following formula (see step S305):

C _i (ID)=[ID>>(i×r')]&(2 ⁿ -1), i=0...M-1

Among them, >> represents the cyclic shift operation, S>r'>r, and requires that r' is not an S factor.

Second, calculate the row label group.

The key factor is selected from each row of the key factor matrix, so the row label group is a permutation of (0...M-1), as shown in Figure 2, the easiest way is to directly select 0...M -1 (see step S106).

In addition, the following two methods can also be used to replace row labels:

the first method

As shown in Figure 3, see steps S206-S212, put 0...M-1 in the array R[0]...R[M-1]. Then perform the following calculation steps:

1) set i=0;

2) Determine whether ID mod(M-i)<M-i-1 is established;

3) If the result of 2) is yes, then R[ID mod (M-i)] and R[M-i-1] are exchanged; if the result of 2) is no, then perform 4);

4) Set i=i+1, repeat steps 2) to 4), until i=M-2 and end.

The array R[0]...R[M-1] after the above processing stores a permutation of (0...M-1). Then the data sequence stored in the permuted array is the row label group.

The second method

As shown in Figure 4, see step S306 to step S312, put 0...M-1 in the array A[0]...A[M-1] in reverse order. Then perform the following calculation steps:

1') set i=0;

2') Determine whether ID mod(M-i)≠0 is established;

3') If the judgment result of 2') is yes, then A[(ID mod(M-i))+i] and A[i] are exchanged; if the judgment result of 2') is No, execute 4');

4') Set i=i+1, repeat steps 2') to 4'), until i=M-2 and end.

The array A[0]...A[M-1] after the above processing stores a permutation of (0...M-1). Then the data sequence stored in the permuted array is the row label group.

In step S206 shown in FIG. 3 and step S306 shown in FIG. 4 , the order of placing 0...M-1 in the array can be sequential storage, reverse storage, or random storage.

3. The calculation process of the key

After calculating the column label group and row label group corresponding to the identifier, the key factor corresponding to the row label group and column label group is selected from the key factor matrix (see step S107). For example, if the size of the key factor matrix is 16×64, that is, M=16, N=64, the key factors forming the public and private keys are selected from the key factor matrix by row. If for an identification ID, according to the mapping method given above, it can be calculated that the 16 values as column labels are (8, 2, 62, ..., 33), and the corresponding row labels are replaced by (3, 8 , 1,...,12), then take S _3,8 , S _8,2 , S _1,62 ,..., S _12,33 in the private key factor matrix to calculate the ID The corresponding private key; the public key corresponding to the corresponding identification ID is calculated from the public key factor matrix by taking P _3,8 , P _8,2 , P _1,62 ,...,P _12,33 .

After obtaining the row key group and column key group corresponding to the identifier, the public-private key pair is calculated (see step S108).

Since the private key needs to be kept secret, only the key management center can save the private key factor matrix. The generation of the private key can only be carried out in the key management center. After the generation, it is issued to the corresponding entity. Each entity in the system does not know Each private key factor used to calculate its own private key; the public key of each identity is public in the domain managed by the entire key management center, so the public key factor matrix needs to be public.

In the discrete logarithm cryptosystem, the system parameter T={g, p}, where p is a prime number, g is a generator of finite field F _p , and g is smaller than p. The column corresponding to an identification ID is marked as C ₀ , C ₁ ~ C _M-1 , the corresponding row is marked as R ₀ , R ₁ ~ R _M-1 , and S[R _i , C _i ] is the private key corresponding to the identification factor, then identify the private key corresponding to the ID:

${\mathrm{<span\; class="notranslate">\; SK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}<span\; class="notranslate">\; =</span>\underset{\mathrm{<span\; class="notranslate">\; i</span>}<span\; class="notranslate">\; =</span>\mathrm{<span\; class="notranslate">\; 0</span>}}{\overset{\mathrm{<span\; class="notranslate">\; m</span>}}{\mathrm{<span\; class="notranslate">\; \&Sigma;</span>}}}\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; R</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ]</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}<span\; class="notranslate">\; ;</span>$

Corresponding public key:

${\mathrm{<span\; class="notranslate">\; PK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}<span\; class="notranslate">\; =</span>\underset{\mathrm{<span\; class="notranslate">\; i</span>}<span\; class="notranslate">\; =</span>\mathrm{<span\; class="notranslate">\; 0</span>}}{\overset{\mathrm{<span\; class="notranslate">\; m</span>}}{\mathrm{<span\; class="notranslate">\; \&Pi;</span>}}}\mathrm{<span\; class="notranslate">\; P</span>}<span\; class="notranslate">\; [</span>\mathrm{<span\; class="notranslate">\; Ri</span>}<span\; class="notranslate">\; ,</span>\mathrm{<span\; class="notranslate">\; Ci</span>}<span\; class="notranslate">\; ]</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}<span\; class="notranslate">\; =</span><span\; class="notranslate">\; (</span>{\mathrm{<span\; class="notranslate">\; g</span>}}^{\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; <figure-callout\; id="0"\; label="R"\; filenames="C2006101154400030H1.png"\; state="\{\{state\}\}">R</figure-callout></span>}}_{\mathrm{<span\; class="notranslate">\; 0</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 0</span>}}<span\; class="notranslate">\; ]</span>}<span\; class="notranslate">\; \&times;</span>{\mathrm{<span\; class="notranslate">\; g</span>}}^{\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; <figure-callout\; id="1"\; label="R"\; filenames="C2006101154400026H1.png,C2006101154400026H2.png"\; state="\{\{state\}\}">R</figure-callout></span>}}_{\mathrm{<span\; class="notranslate">\; 1</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 1</span>}}<span\; class="notranslate">\; ]</span>}<span\; class="notranslate">\; .</span><span\; class="notranslate">\; .</span><span\; class="notranslate">\; .</span><span\; class="notranslate">\; \&times;</span>{\mathrm{<span\; class="notranslate">\; g</span>}}^{\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; R</span>}}_{\mathrm{<span\; class="notranslate">\; 31</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 31</span>}}<span\; class="notranslate">\; ]</span>}<span\; class="notranslate">\; )</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}$

$<span\; class="notranslate">\; =</span><span\; class="notranslate">\; (</span>{\mathrm{<span\; class="notranslate">\; g</span>}}^{\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; <figure-callout\; id="0"\; label="R"\; filenames="C2006101154400030H1.png"\; state="\{\{state\}\}">R</figure-callout></span>}}_{\mathrm{<span\; class="notranslate">\; 0</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 0</span>}}<span\; class="notranslate">\; ]</span><span\; class="notranslate">\; +</span>\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; <figure-callout\; id="1"\; label="R"\; filenames="C2006101154400026H1.png,C2006101154400026H2.png"\; state="\{\{state\}\}">R</figure-callout></span>}}_{\mathrm{<span\; class="notranslate">\; 1</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 1</span>}}<span\; class="notranslate">\; ]</span><span\; class="notranslate">\; .</span><span\; class="notranslate">\; .</span><span\; class="notranslate">\; .</span><span\; class="notranslate">\; +</span>\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; R</span>}}_{\mathrm{<span\; class="notranslate">\; 31</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; 31</span>}}<span\; class="notranslate">\; ]</span>}<span\; class="notranslate">\; )</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}<span\; class="notranslate">\; =</span>{\mathrm{<span\; class="notranslate">\; g</span>}}^{{\mathrm{<span\; class="notranslate">\; SK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}}\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}<span\; class="notranslate">\; ;</span>$

If it is an elliptic curve cryptosystem, the system parameter T: (a, b, G, n, p), where p is a positive integer, Fp is a finite field, a, b are positive integers on Fp, and G is the elliptic curve E(Fp ), n is a prime number, which is the order of the base point G. The column corresponding to an identification ID is labeled C ₀ , C ₁ ~C _M-1 , and the corresponding row is labeled R ₀ , R ₁ ~ _RM-1 , then the private key corresponding to the identification ID:

${\mathrm{<span\; class="notranslate">\; SK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}<span\; class="notranslate">\; =</span>\underset{\mathrm{<span\; class="notranslate">\; i</span>}<span\; class="notranslate">\; =</span>\mathrm{<span\; class="notranslate">\; 0</span>}}{\overset{\mathrm{<span\; class="notranslate">\; m</span>}}{\mathrm{<span\; class="notranslate">\; \&Sigma;</span>}}}\mathrm{<span\; class="notranslate">\; S</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; R</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ]</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; no</span>}<span\; class="notranslate">\; ;</span>$

Corresponding public key:

${\mathrm{<span\; class="notranslate">\; SK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}<span\; class="notranslate">\; =</span>\underset{\mathrm{<span\; class="notranslate">\; i</span>}<span\; class="notranslate">\; =</span>\mathrm{<span\; class="notranslate">\; 0</span>}}{\overset{\mathrm{<span\; class="notranslate">\; m</span>}}{\mathrm{<span\; class="notranslate">\; \&Sigma;</span>}}}\mathrm{<span\; class="notranslate">\; P</span>}<span\; class="notranslate">\; [</span>{\mathrm{<span\; class="notranslate">\; R</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ,</span>{\mathrm{<span\; class="notranslate">\; C</span>}}_{\mathrm{<span\; class="notranslate">\; i</span>}}<span\; class="notranslate">\; ]</span>\mathrm{<span\; class="notranslate">\; mod</span>}\mathrm{<span\; class="notranslate">\; p</span>}<span\; class="notranslate">\; =</span>{\mathrm{<span\; class="notranslate">\; SK</span>}}_{\mathrm{<span\; class="notranslate">\; ID</span>}}<span\; class="notranslate">\; \&times;</span>\mathrm{<span\; class="notranslate">\; G</span>}$

Embodiment two

In this embodiment, the selection of public and private key factors by column is described according to FIG. 5 . Whether the public-private key factor is selected by row or by column, its calculation is similar.

The private key factor matrix and the public key factor matrix as shown in FIG. 1A and FIG. 1B are also used. Before executing the method of this embodiment, a key factor matrix with a size of M×N has been generated in the system, where N=2 ⁿ , M=2 ^m . In this embodiment, the size of the key factor matrix is expressed as S=2 ^m ×N. The mapping method in this embodiment is also divided into three processes: the verification process of the key factor matrix, the calculation process of the row label group and the column label group, and the calculation process of the key.

Similarly, the mapping method of the present invention can be used for fixed-length binary identifiers with S bits such as IPv4 and IPv6 addresses and non-fixed-length binary identifiers composed of mixed elements such as letters and numbers. In the flow chart of FIG. 5 , before implementing the mapping method of the present invention, a key factor matrix of size M×N has been generated in the system, where N=2 ⁿ , M=2 ^m , and m is a positive integer. The identifier shown in Figure 5 is a general identifier, which needs to be converted into a binary identifier, and a part is selected as a fixed-length binary identifier in the following steps (see step S401).

1. The verification process of the key factor matrix

The verification process of the key factor matrix is the same as the first embodiment, except that the number of columns of the key factor matrix N is used to replace the number of rows M of the key factor matrix during factorization. The specific process is as shown in step S402, step S403 and step S409 of Figure 5: factorize the length value S of the fixed-length binary identifier according to S=N×r+k, where k≥0 and k<N; if r≤m< S, the key factor matrix is available; if r>m, the key factor matrix is too small, and the key factor matrix needs to be regenerated.

2. Calculation process of row mark group and column mark group

In this embodiment, since the key factor is selected by column, it is necessary to calculate the row label group now, and then replace the column label group.

First, calculate the row label group.

In the above verification process of the key factor matrix, the fixed-length binary ID has been factorized according to S=N×r+k, where k≥0 and k<N, and N is the number of columns of the key factor matrix. Because the verification process of the key factor matrix has been passed, r≤m<S in this formula. There are also three methods to calculate the row label group through the fixed-length binary ID:

The first method (not shown in the figure) is to calculate the line label group C _i (ID) according to the following formula:

If k<mr, C _i (ID)=[ID>>(i×r)]&(2 ^m -1), i=0...N-1

Among them, >> represents the circular shift operation;

If k≥mr, C _i (ID)=[ID>>(i×r)]&(2 ^m -1), i=0...N-[k-(mr)]-1,

C _i (ID)={ID>>[i×(r+1)]}&(2 ^m -1), i=M-[k-(mr)]...N-1,

Among them, >> represents a circular shift operation.

The second method (not shown in the figure) calculates the line label group C _i (ID) according to the following formula:

C _i (ID)={ID>>[i×(r+1)]}&(2 ^m -1), i=0...N-1

Among them, >> represents a circular shift operation.

The third method, see step S405 among Fig. 5, calculate line label group C _i (ID) according to the following formula,

C _i (ID)=[ID>>(i×r')]&(2 ^m -1), i=0...N-1

Among them, >> means circular shift operation, S>r'>r, and r' is not required to be a factor of S.

Next, calculate the column label group.

The key factor is selected from each column of the key factor matrix, so the column label group is a permutation of (0...N-1), the easiest way is to directly select 0...N-1 (not shown in the figure Shows). In addition, the same replacement can also be slightly changed through the two methods in Example 1:

The first method (not shown in the figure) is to store 0...N-1 sequentially, reversely or randomly in the array R[0]...R[N-1]. Then perform the following calculation steps:

1) set i=0;

2) Determine whether ID mod(N-i)<N-i-1 is established;

3) If the result of 2) is yes, then R[ID mod (N-i)] and R[N-i-1] are exchanged; if the result of 2) is no, then perform 4);

4) Set i=i+1, repeat steps 2) to 4), until i=N-2 and end.

The array R[0]...R[N-1] processed above stores a permutation of (0...N-1). Then the data sequence stored in the permuted array is a column label group.

As shown in steps S406 to S412 in Figure 5, the second method is to store 0...N-1 sequentially, in reverse order, or in random order in the array A[0]...A[N-1 ]. Then perform the following calculation steps:

1') set i=0;

2') Determine whether ID mod(N-i)≠0 is established;

3') If the result of 2') is yes, then exchange positions of A[(ID mod(N-i))+i] and A[i]; if the result of 2') is no, then execute 4');

4') Set i=i+1, repeat steps 2') to 4'), until i=N-2 and end.

The array A[0]...A[N-1] after the above processing stores a permutation of (0...N-1). Then the data sequence stored in the permuted array is a column label group.

3. The calculation process of the key is the same as that of the first embodiment, and will not be repeated here.

The invention simplifies the mapping method from the identification to the key, and the mapping method is simple, efficient and easy to implement, and can realize the conflict-free mapping from the identification to the key for identifications such as IPv4 and IPv6.

The above-mentioned embodiments are only used to illustrate the present invention, but not to limit the present invention.

Claims (24)

1. A method for mapping identities and keys, applied in a combined identity-based key management system in which a key factor matrix has been generated, the method comprising the steps of:

step 1, checking the size of a key factor matrix according to the length value of a fixed-length binary identifier or a fixed-length binary identifier converted from a non-fixed-length binary identifier, wherein the size of the key factor matrix is expressed as Mx 2ⁿ(ii) a Wherein, include: factoring the length value of the fixed-length binary mark according to a formula, a table of the formulaThe expression is as follows: s is mxr + k; wherein, S: length value of the fixed-length binary mark; m: the number of rows of the key factor matrix; 2ⁿ: the number of columns of the key factor matrix; k is more than or equal to 0 and is less than M; s, M, k, r and n are integers; judging whether the size of the key factor matrix is proper or not according to the factorization result; if the judgment result is appropriate, executing the step 2;

step 2, calculating corresponding row mark groups and column mark groups of the key factors in the key factor matrix according to the fixed-length binary marks; wherein, include: calculating a column mark group corresponding to the fixed-length binary mark; replacing all row marks of the key factor matrix to obtain a row mark group corresponding to the fixed-length binary mark;

and 3, calculating a key corresponding to the fixed-length binary identification by using the key factors corresponding to the row mark group and the column mark group.

2. The identifier and key mapping method according to claim 1, wherein the step 1 further comprises: and if the judgment result is not suitable, regenerating the key factor matrix.

3. The identifier and key mapping method of claim 1, wherein determining whether the size of the key factor matrix is appropriate is:

judging whether r is larger than n; if the judgment result is that r is not more than n and is less than S, the size of the key factor matrix is proper;

if the judgment result is that r is larger than n, the size of the key factor matrix is not appropriate;

wherein, S: length value of the fixed-length binary mark; n and r are integers.

4. The identifier and key mapping method of claim 1, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:

judging whether k is more than n-r;

if the judgment result is yes, calculating the column marks according to a formulaGroup C_i(ID), the expression of this formula is: c_i(ID)＝[ID＞＞(i×r)]&(2ⁿ-1), i ═ 0 … M-1; wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier;

if the judgment result is negative, calculating the list mark group C according to a formula_i(ID), the formula expression is:

C_i(ID)＝[ID＞＞(i×r)]&(2ⁿ-1)，i＝0...M-[k-(n-r)]-1, and

C_i(ID)＝{ID＞＞[i×(r+1)]}&(2ⁿ-1)，i＝M-[k-(n-r)]…M-1；

wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; m, k, n, r and i are integers.

5. The identifier and key mapping method of claim 1, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:

calculating the list group C according to a formula_i(ID), the formula expression is:

C_i(ID)＝{ID＞＞[i×(r+1)]}&(2ⁿ-1)，i＝0...M-1；

where > denotes a circular shift operation; ID is a fixed-length binary identification; n, r and i are integers.

6. The identifier and key mapping method of claim 1, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:

calculating the list group C according to a formula_i(ID), the formula expression is:

C_i(ID)＝[ID＞＞(i×r’)]&(2ⁿ-1)，i＝0...M-1

wherein, the > represents the circular shift operation, S > r 'is greater than r, r' is not the factor of S, ID is the fixed-length binary system identification; s is the length value of the fixed-length binary mark; r, r', n and i are integers.

7. The identifier and key mapping method of claim 1, wherein the permuting all row labels of the key factor matrix comprises:

directly selecting a data sequence as a row mark group, wherein the data sequence is as follows: 0, 1,..., M-1, where M is the number of rows of the key factor matrix.

8. The identifier and key mapping method of claim 1, wherein the permuting all row labels of the key factor matrix comprises:

storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1.... am-1;

wherein i is 0, 1,.. am-1; m is the number of rows in the key factor matrix.

9. The identifier and key mapping method of claim 8, wherein the step of permuting all row labels of the key factor matrix further comprises the steps of:

step 11, setting i to 0;

step 12, judging whether the ID mod (M-i) < M-i-1 is established or not;

step 13, if the judgment result in the step 12 is yes, exchanging the positions of R [ ID mod (M-i) ] and R [ M-i-1 ]; if the judgment result in the step 12 is negative, executing a step 14;

step 14, setting i to i +1, and judging whether i is equal to M-2;

step 15, if the judgment result in the step 14 is negative, repeating the steps 12 to 15; if the result of the determination in step 14 is yes, the replacement is ended, and the array R [ i ] processed in the above step stores a replacement of (0 … M-1).

10. The identifier and key mapping method of claim 8, wherein the step of permuting all row labels of the key factor matrix further comprises the steps of:

step 21, setting i to 0;

step 22, judging whether ID mod (M-i) ≠ 0 is true;

step 23, if the judgment result in step 22 is yes, exchanging the positions of R [ (ID mod (M-i)) + i ] and R [ i ]; if the judgment result in the step 22 is negative, executing a step 24;

step 24, setting i to i +1, and judging whether i is equal to M-2;

step 25, if the judgment result in the step 24 is negative, repeating the steps 22 to 25; if the judgment result in the step 24 is yes, the replacement is finished, and the array R [ i ] processed by the above steps stores a replacement of (0.. M-1).

11. A method for mapping identities and keys, applied in a combined identity-based key management system in which a key factor matrix has been generated, the method comprising the steps of:

step 1, checking the size of a key factor matrix according to the length value of a fixed-length binary identifier or a fixed-length binary identifier converted from a non-fixed-length binary identifier, wherein the size of the key factor matrix is expressed as 2^mX is N; wherein, include: factoring the length value of the fixed-length binary mark according to a formula, wherein the formula has the expression: s is N × r + k; wherein, S: length value of the fixed-length binary mark; 2^m: the number of rows of the key factor matrix; n: the number of columns of the key factor matrix; k is more than or equal to 0 and k is less than N; s, N, k, r and m are integers; judging whether the size of the key factor matrix is proper or not according to the factorization result; if the judgment result is appropriate, executing the step 2;

step 2, calculating corresponding row mark groups and column mark groups of the key factors in the key factor matrix according to the fixed-length binary marks; wherein, include: calculating a row mark group corresponding to the fixed-length binary mark; replacing all the column marks of the key factor matrix to obtain a column mark group corresponding to the fixed-length binary mark;

and 3, calculating a key corresponding to the fixed-length binary identification by using the key factors corresponding to the row mark group and the column mark group.

12. The identifier and key mapping method according to claim 11, wherein the step 1 further comprises: and if the judgment result is not suitable, regenerating the key factor matrix.

13. The identifier and key mapping method of claim 11, wherein determining whether the size of the key factor matrix is appropriate comprises:

judging whether r is larger than m; if the judgment result is that r is not more than m and is less than S, the size of the key factor matrix is proper;

if the judgment result is that r is larger than m, the size of the key factor matrix is not appropriate;

wherein, S: length value of the fixed-length binary mark; m and r are integers.

14. The identifier and key mapping method of claim 11, wherein said computing a set of row labels corresponding to a fixed-length binary identifier comprises:

judging whether k is more than m-r;

if the judgment result is yes, calculating a line mark group C according to a formula_i(ID), the expression of this formula is:

C_i(ID)＝[ID＞＞(i×r)]&(2^m-1)，i＝0…N-1；

if the judgment result is negative, calculating the line mark group C according to a formula_i(ID), the formula expression is:

C_i(ID)＝[ID＞＞(i×r)]&(2^m-1)，i＝0…N-[k-(m-r)]-1, and

C_i(ID)＝{ID＞＞[i×(r+1)]}&(2^m-1)，i＝N-[k-(m-r)]…N-1；

wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; n, k, r, m and i are integers.

15. The identifier and key mapping method of claim 11, wherein said computing a set of row labels corresponding to a fixed-length binary identifier comprises:

calculating line symbol group C according to formula_i(ID), the formula expression is:

C_i(ID)＝{ID＞＞[i×(r+1)]}&(2^m-1)，i＝0...N-1；

wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; n, r, m and i are integers.

16. The identifier and key mapping method according to claim 1 or 11, wherein said calculating a set of row labels corresponding to a fixed-length binary identifier comprises:

calculating line symbol group C according to formula_i(ID), the formula expression is:

C_i(ID)＝[ID＞＞(i×r’)]&(2^m-1)，i＝0...N-1

wherein, the > represents the cyclic shift operation, S > r '> r, r' is not the factor of S, ID is the fixed-length binary mark; r', r, m and i are integers.

17. The identifier and key mapping method according to claim 1 or 11, wherein the permuting all the columns of the key factor matrix comprises:

directly selecting a data sequence as a list mark group, wherein the data sequence is as follows: 0, 1.

18. The identifier and key mapping method according to claim 1 or 11, wherein the permuting all the columns of the key factor matrix comprises:

storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1...., N-1;

wherein i is 0, 1, a. N is the number of columns of the key factor matrix.

19. The identifier and key mapping method of claim 18, wherein the step of permuting all columns of the key factor matrix further comprises the steps of:

step 31, setting i to 0;

step 32, judging whether the ID mod (N-i) < N-i-1 is established;

step 33, if the judgment result in the step 32 is yes, exchanging the positions of R [ ID mod (N-i) ] and R [ N-i-1 ]; if the judgment result in the step 32 is negative, executing a step 34;

step 34, setting i to i +1, and judging whether i is equal to N-2;

step 35, if the judgment result in the step 34 is negative, repeating the steps 32 to 35; if the result of the determination in step 34 is YES, the permutation is finished, and the array R [ i ] processed in the above step stores a permutation of (0 … M-1).

20. The identifier and key mapping method of claim 18, wherein the step of permuting all columns of the key factor matrix further comprises the steps of:

step 41, setting i to 0;

step 42, judging whether ID mod (N-i) ≠ 0 is true;

step 43, if the judgment result in step 42 is yes, exchanging the positions of R [ (ID mod (N-i)) + i ] and R [ i ]; if the judgment result of the step 42 is negative, executing a step 44;

step 44, setting i to i +1, and judging whether i is equal to N-2;

step 45, if the result of step 44 is negative, repeating steps 42 to 45; if the result of step 44 is YES, the permutation is complete and the array R [ i ] processed by the above steps stores a permutation of (0 … M-1).

21. The identifier and key mapping method according to claim 1 or 11, wherein said step 3 comprises:

selecting key factors corresponding to the row mark groups and the column mark groups from the key factor matrix;

and calculating a key corresponding to the fixed-length binary identification by using the key factor.

22. The method for identifier and key mapping according to claim 21, wherein in a discrete logarithm cryptosystem, the key is calculated according to a formula using a key factor; wherein,

according to the formula <math> <mrow> <msub> <mi>SK</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>&Sigma;</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> <mi>mod</mi> <mi>p</mi> </mrow> </math> Computing the private Key SK_ID；

According to the formula ${\mathrm{PK}}_{\mathrm{ID}}=g^{{\mathrm{SK}}_{\mathrm{ID}}}\mathrm{mod}p$ Computing public key PK_ID；

Wherein p and g are parameters of the discrete logarithm cryptosystem, p is prime number, g is finite field Fp generator, g is less than p, R_iFor line marking, C_iIs a list, SR_i，C_i]Is the private key factor corresponding to the identity.

23. The method for identifier and key mapping according to claim 21, wherein in an elliptic curve cryptosystem, the key is calculated according to a formula using a key factor; wherein,

according to the formula <math> <mrow> <msub> <mi>SK</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>&Sigma;</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> <mi>mod</mi> <mi>n</mi> </mrow> </math> Computing the private Key SK_ID；

According to formula SK_ID＝SK_IDX G calculation public key PK_ID；

Wherein n and G are parameters of the elliptic curve cryptosystem, G is a base point on an elliptic curve E (Fp), n is a prime number, n is the order of the base point G, and R is_iFor line marking, C_iIs a list, SR_i，C_i]Is the private key factor corresponding to the identity.

24. The identifier and key mapping method according to claim 1 or 11, wherein a hash function or a message authentication code function is used to convert the non-fixed-length binary identifier into a fixed-length binary identifier.

Images