CN1909445A - Mapping method for identification and key - Google Patents
Mapping method for identification and key Download PDFInfo
- Publication number
- CN1909445A CN1909445A CNA2006101154407A CN200610115440A CN1909445A CN 1909445 A CN1909445 A CN 1909445A CN A2006101154407 A CNA2006101154407 A CN A2006101154407A CN 200610115440 A CN200610115440 A CN 200610115440A CN 1909445 A CN1909445 A CN 1909445A
- Authority
- CN
- China
- Prior art keywords
- key
- identifier
- key factor
- factor matrix
- fixed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 101
- 238000013507 mapping Methods 0.000 title claims description 61
- 239000011159 matrix material Substances 0.000 claims abstract description 133
- 238000004364 calculation method Methods 0.000 claims description 23
- 125000004122 cyclic group Chemical group 0.000 claims description 10
- 230000001172 regenerating effect Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 229910002056 binary alloy Inorganic materials 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to a projection method between mark and key, wherein said method can be used in the combined key manage system based on mark; said system has generated key factor matrix; said method comprises: based on the length value of constant binary mark or the constant binary mark transformed from variable binary mark, checking the size of key factor matrix; based on the constant binary mark, calculating out the row mark group and queen mark group of key factor in the key factor matrix to position the key factor; using said key factor to calculate the key relative to the constant binary mark. The invention simplifies the projection method from mark to key, to be used on IPv4 and IPv6, to realize non-conflict projection.
Description
Technical Field
The invention relates to the technical field of combined key management, in particular to the technical field of combined key management based on identification, and specifically relates to a mapping method of identification and a key.
Background
The security of modern cryptography is based on secret key, not algorithm, so that the management and protection of secret keys become the key of information confidentiality. The binding between the key and the key owner identification is one of the most important matters of modern network security research. At present, there are two ways to bind the key and the key owner identifier, one is to generate the key owner identifier through the key, and cga (cryptographicaliy Generated address) is a typical representative of this way; another way is to determine the key corresponding to the identifier by using the identifier, i.e. a cryptosystem based on the identifier. In 1984, Shamir proposed a signature assumption based on identification, and in 2001, Don Boneh and Matthew Franklin proposed a key management system based on identification implemented in the Weil pairing manner. The Combined Public Key (CPK) cryptosystem is also a key management system based on identification, which can directly calculate the public key of the other party according to the identification of the other party of communication, and the realization of the mapping from the identification to the key in the CPK system is a key problem. In a general public key system, the public key of each user is directly published, and as many users publish many public keys, in the combined public key technology, the public key of each user is not directly published, but only publishes a public key factor matrix, and the public key of each user is calculated through the public key factor matrix and a related identifier.
In the combined key management system based on the identification, a mapping algorithm from the identification to the key given by a document ([1] Nanxianghao, Chenzhong; network security technology overview; Beijing, national defense industry publishers, 2003.7; [2] Tang Wen, Nanxianghao, Chenzhong; combined public key technology based on an elliptic curve key system; computer engineering and application, No. 21 2003) is as follows:
firstly, calculating a line mark:
given the row key RowKey, it is a public constant in the system. First, the ID of an indefinite length is converted into a variable Data1 of a fixed length by a HASH function (e.g., MD5, SHA-1, etc.).
That is, hash (id) Data 1;
then, the intermediate variable Data1 is used as Data by an encryption algorithm (such as AES), and the MAP is obtained after the Data is encrypted by a line key RowKey0(ii) a MAP will be0As data, the MA is obtained by encryption by using a secret key RowKeyP1(ii) a Similarly until the desired MAP value is obtained. For convenience of explanation, the size of the key factor matrix is set to be 32 × 32. Then
AESRowKey(Data1)=MAP0;
AESRowKey(MAP0)=MAP1;
Then, MAP0The 16 bytes are respectively modulo by M (M is 32 in the example) to obtain 16 row indexes smaller than M, which are labeled by MAP [ 0%]~MAP[15]Represents, MAP1The 16 bytes of the data are respectively modulo M to obtain 16 line indexes which are less than M and are marked by MAP [16 ]]~MAP[31]Represents;
MAP0[i]mod M=MAP[i](i=0,1...,15);
MAP1[i]mod M=MAP[i](i=16,17...,31);
this gives 32 row labels for 32 selections of rows.
After calculating the row mark, calculating the row mark:
in order to avoid the sequential taking of column labels, the permutation algorithm PMT of the column variables is set, which results in one of the full permutations of (0, 1, 2.., 31), the calculation method of which is shown below.
Firstly, calculating a KEY PMT _ KEY used by a PMT algorithm;
AESColKey(ID) ═ PMT _ KEY, ColKey is a constant that is public in the system.
Using PMTPMT_KEY(original order) ═ PERMUT; the primary sequence is the natural sequence of 0, 1. PERMUT is a new replacement.
The method is a universal mapping method aiming at various types of identifiers, and has the problems of large calculation amount, complex calculation and possible mapping conflict. In the existing scheme, a specific mapping algorithm is not given for identifiers with certain specificity, such as IPv4 and IPv6 addresses, and in an actual scene, the identifiers are widely applied.
Disclosure of Invention
In view of the above problems in the prior art, the present invention provides a mapping method of identifiers and keys, which simplifies the mapping calculation from the identifiers to the keys, and is simple and efficient, and can implement conflict-free mapping from the identifiers to the keys for the identifiers with particularity.
The invention provides a mapping method of identification and key, which is applied to a combined key management system based on identification, wherein a key factor matrix is generated in the system, and the method comprises the following steps: step 1, checking the size of a key factor matrix according to the length value of a fixed-length binary identifier or a fixed-length binary identifier converted from a non-fixed-length binary identifier; step 2, calculating corresponding row mark groups and column mark groups of the key factors in the key factor matrix according to the fixed-length binary marks; and 3, calculating a key corresponding to the fixed-length binary identification by using the key factors corresponding to the row mark group and the column mark group.
The step 1 comprises the following steps: factorizing the length value of the fixed-length binary mark; judging whether the size of the key factor matrix is proper or not according to the factorization result; and if the judgment result is appropriate, executing the step 2.
The step 1 further comprises: and if the judgment result is not suitable, regenerating the key factor matrix.
The size of the key factor matrix is expressed as mx 2nThe factorization of the length value of the fixed-length binary identifier is performed according to a formula, wherein the formula has the expression: s is mxr + k;
wherein, S: length value of the fixed-length binary mark; m: the number of rows of the key factor matrix; 2n: the number of columns of the key factor matrix; k is more than or equal to 0 and is less than M; s, M, k, r and n are integers.
Judging whether the size of the key factor matrix is proper refers to: judging whether r is larger than n; if the judgment result is that r is not more than n and is less than S, the size of the key factor matrix is proper; if the judgment result is that r is larger than n, the size of the key factor matrix is not appropriate; wherein, S: length value of the fixed-length binary mark; n and r are integers.
The step 2 comprises the following steps: calculating a column mark group corresponding to the fixed-length binary mark; and replacing all row marks of the key factor matrix to obtain a row mark group corresponding to the fixed-length binary mark.
The calculating of the column mark group corresponding to the fixed-length binary mark comprises the following steps: judging whether k is more than n-r;
if the judgment result is yes, calculating the list mark group C according to a formulai(ID), the expression of this formula is: ci(ID)=[ID>>(i×r)]&(2n-1), i ═ 0 … M-1; wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier;
if the judgment result is negative, calculating the list mark group C according to a formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r)]&(2n-1),i=0...M-[k-(n-r)]-1, and
Ci(ID)={ID>>[i×(r+1)]}&(2n-1),i=M-[k-(n-r)]…M-1;
wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; m, k, n, r and i are integers.
The calculating of the column mark group corresponding to the fixed-length binary mark comprises the following steps: calculating the list group C according to a formulai(ID), the formula expression is: ci(ID)={ID>>[i×(r+1)]}&(2n-1), i ═ 0.. M-1; where > denotes a circular shift operation; ID is a fixed-length binary identification; n, r and i are integers.
The calculating of the column mark group corresponding to the fixed-length binary mark comprises the following steps: according toSet of formulaic calculation indices Ci(ID), the formula expression is: ci(ID)=[ID>>(i×r’)]&(2n-1),i=0...M-1;
Wherein, the > represents the circular shift operation, S > r 'is greater than r, r' is not the factor of S, ID is the fixed-length binary system identification; s is the length value of the fixed-length binary mark; r, r', n and i are integers.
The replacing all row labels of the key factor matrix includes: directly selecting a data sequence as a row mark group, wherein the data sequence is as follows: 0, 1,..., M-1, where M is the number of rows of the key factor matrix.
The replacing all row labels of the key factor matrix includes: storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1.... am-1; wherein i is 0, 1,.. am-1; m is the number of rows in the key factor matrix.
The replacing all the row labels of the key factor matrix further comprises the following steps:
step 11, setting i to 0;
step 12, judging whether the ID mod (M-i) < M-i-1 is established or not;
step 13, if the judgment result in the step 12 is yes, exchanging the positions of R [ ID mod (M-i) ] and R [ M-i-1 ]; if the judgment result in the step 12 is negative, executing a step 14;
step 14, setting i to i +1, and judging whether i is equal to M-2;
step 15, if the judgment result in the step 14 is negative, repeating the steps 12 to 15; if the result of the determination in step 14 is yes, the replacement is ended, and the array R [ i ] processed in the above step stores a replacement of (0 … M-1).
The replacing all the row labels of the key factor matrix further comprises the following steps:
step 21, setting i to 0;
step 22, judging whether ID mod (M-i) ≠ 0 is true;
step 23, if the judgment result in step 22 is yes, exchanging the positions of R [ (ID mod (M-i)) + i ] and R [ i ]; if the judgment result in the step 22 is negative, executing a step 24;
step 24, setting i to i +1, and judging whether i is equal to M-2;
step 25, if the judgment result in the step 24 is negative, repeating the steps 22 to 25; if the result of the determination in step 24 is yes, the replacement is ended, and the array R [ i ] processed in the above step stores a replacement of (0 … M-1).
The size of the key factor matrix is expressed as 2mX is N; factoring the length value of the fixed-length binary mark according to a formula, wherein the formula has the expression: s is N × r + k;
wherein, S: length value of the fixed-length binary mark; 2m: the number of rows of the key factor matrix; n: the number of columns of the key factor matrix; k is more than or equal to 0 and k is less than N; s, N, k, r and m are integers.
Judging whether the size of the key factor matrix is proper refers to: judging whether r is larger than m; if the judgment result is that r is not more than m and is less than S, the size of the key factor matrix is proper; if the judgment result is that r is larger than m, the size of the key factor matrix is not appropriate; wherein, S: length value of the fixed-length binary mark; m and r are integers.
The step 2 comprises the following steps: calculating a row mark group corresponding to the fixed-length binary mark; and replacing all the column marks of the key factor matrix to obtain a column mark group corresponding to the fixed-length binary mark.
The calculating of the row mark group corresponding to the fixed-length binary mark comprises the following steps: judging whether k is more than m-r;
if the judgment result is yes, calculating a line mark group C according to a formulai(ID) the expression of which is:Ci(ID)=[ID>>(i×r)]&(2m-1),i=0…N-1;
If the judgment result is negative, calculating the line mark group C according to a formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r)]&(2m-1),i=0…N-[k-(m-r)]-1, and
Ci(ID)={ID>>[i×(r+1)]}&(2m-1),i=N-[k-(m-r)]…N-1;
wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; n, k, r, m and i are integers.
The calculating of the row mark group corresponding to the fixed-length binary mark comprises the following steps: calculating line symbol group C according to formulai(ID), the formula expression is: ci(ID)={ID>>[i×(r+1)]}&(2m-1), i ═ 0.. N-1; wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; n, r, m and i are integers.
The calculating of the row mark group corresponding to the fixed-length binary mark comprises the following steps: calculating line symbol group C according to formulai(ID), the formula expression is: ci(ID)=[ID>>(i×r’)]&(2m-1), i ═ 0.. N-1; wherein, the > represents the cyclic shift operation, S > r '> r, r' is not the factor of S, ID is the fixed-length binary mark; r', r, m and i are integers.
The permuting all the columns of the key factor matrix includes: directly selecting a data sequence as a list mark group, wherein the data sequence is as follows: 0, 1.
The permuting all the columns of the key factor matrix includes: storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1...., N-1; wherein i is 0, 1, a. N is the number of columns of the key factor matrix.
The replacing all the column labels of the key factor matrix further comprises the following steps:
step 31, setting i to 0;
step 32, judging whether the ID mod (N-i) < N-i-1 is established;
step 33, if the judgment result in the step 32 is yes, exchanging the positions of R [ ID mod (N-i) ] and R [ N-i-1 ]; if the judgment result in the step 32 is negative, executing a step 34;
step 34, setting i to i +1, and judging whether i is equal to N-2;
step 35, if the judgment result in the step 34 is negative, repeating the steps 32 to 35; if the result of the determination in step 34 is YES, the permutation is finished, and the array R [ i ] processed in the above step stores a permutation of (0 … M-1).
The replacing all the column labels of the key factor matrix further comprises the following steps:
step 41, setting i to 0;
step 42, judging whether ID mod (N-i) ≠ 0 is true;
step 43, if the judgment result in step 42 is yes, exchanging the positions of R [ (ID mod ((N-i) + i)) and R [ i ]; if the judgment result of the step 42 is negative, executing a step 44;
step 44, setting i to i +1, and judging whether i is equal to N-2;
step 45, if the judgment result of the step 44 is negative, repeating the step 42 to the step 45; if the result of the determination in step 44 is YES, the permutation is finished, and the array R [ i ] processed in the above step stores a permutation of (0 … M-1).
The step 3 comprises the following steps: selecting key factors corresponding to the row mark groups and the column mark groups from the key factor matrix; and calculating a key corresponding to the fixed-length binary identification by using the key factor.
In a discrete logarithm cryptosystem, calculating a secret key according to a formula by using a secret key factor; wherein, according to the formula <math> <mrow> <mi>S</mi> <msub> <mi>K</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>Σ</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> <mi>mod</mi> <mi>p</mi> </mrow> </math> Computing the private Key SKID(ii) a According to the formula Computing public key PKID(ii) a Where p and g are parameters of a discrete logarithm cryptosystem, RiIs a column label, CiFor line marking, SRi,Ci]Is the private key factor corresponding to the identity.
In an elliptic curve cryptosystem, a secret key is calculated according to a formula by using a secret key factor; wherein, according to the formula <math> <mrow> <mi>S</mi> <msub> <mi>K</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>Σ</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> <mi>mod</mi> <mi>n</mi> </mrow> </math> Computing the private Key SKID(ii) a According to formula SKID=SKIDX G calculation public key PKID(ii) a Wherein n and G are parameters R of elliptic curve cryptosystemiIs a column label, CiFor line marking, SRi,Ci]Is the private key factor corresponding to the identity.
And converting the non-fixed-length binary identification into a fixed-length binary identification by adopting a hash function or a message authentication code function.
The invention has the advantages of simplifying the mapping calculation from the identifier to the key, having concise and high-efficiency mapping algorithm and realizing conflict-free mapping from the identifier to the key for the identifier with specificity.
Drawings
FIGS. 1A and 1B are schematic diagrams of a public key factor matrix and a private key factor matrix, respectively, of the present invention;
FIG. 2 is a flow chart of a method according to an embodiment of the present invention;
FIG. 3 is a flow chart of a method according to an embodiment of the present invention;
FIG. 4 is a flow chart of a method according to an embodiment of the present invention;
FIG. 5 is a flowchart of a method according to another embodiment of the present invention.
Detailed Description
The present invention is described in detail below with reference to the attached drawings.
The invention provides a mapping method of identification and a secret key, which is applied to a combined secret key management system based on the identification, wherein a secret key factor matrix is generated in the system, and the method comprises the following steps: checking the size of the key factor matrix according to the length value of the fixed-length binary identifier or the fixed-length binary identifier converted from the non-fixed-length binary identifier; calculating corresponding row mark groups and column mark groups of the key factors in the key factor matrix according to the fixed-length binary identification to position the key factors; and calculating a key corresponding to the fixed-length binary identification by using the key factors corresponding to the row label group and the column label group.
The identifier may be an identifier with certain specificity, such as an IPv4 address and an IPv6 address, and the specificity of the identifier, such as an IPv4 address and an IPv6 address, is that the identifier itself is a binary identifier of an S bit (bit); for the original identifier composed of mixed elements of letters, numbers and the like, a fixed-length binary identifier can be generated through HASH (HASH) or encryption algorithm processing, and then corresponding mapping calculation is carried out, wherein the method for converting the variable-length identifier into the fixed-length value can adopt a Message Authentication Code (MAC) function or a common HASH algorithm.
In short, for any identifier, the binding between the key and the key owner identifier can be realized through the identifier and key mapping method provided by the invention.
In an embodiment of the present invention, the key factor matrix includes a public key factor matrix and a private key factor matrix, the key includes a public key and a private key, and the key factor includes a public key factor and a private key factor. Moreover, in implementing the mapping method of the present invention, a key factor matrix of size M × N, where N is 2, has been generated in the systemn,M=2m. The public and private key factor matrixes are the basis of a combined key management system based on identification. The private key is calculated by selecting a private key factor in each row (or column) according to a certain mapping rule in a private key factor matrix through corresponding operation; correspondingly, the public key is calculated by selecting a public key factor in each row (or column) according to a certain mapping rule in the public key factor matrix through corresponding operation. Let private key factor matrix as SKM ═ Sij]Wherein i-0.. M-1, j-0.. N-1; if the private key is calculated by respectively selecting one private key factor from each row in the private key factor matrix, limiting N, and requiring N to be 2nN is a positive integer; if the private key is calculated by selecting a private key factor from each column in the private key factor matrix, limiting M, and requiring M to be 2mAnd m is a positive integer.
The public-private key factor is similarly calculated whether it is chosen by row or column. The differences are only that:
if the row is selected, calculating a column mark group; then all the row labels are replaced, namely the obtained row label is one of the full arrangement of all the row labels;
if the row is selected according to the column, calculating a row label group; and then all the column labels are replaced, namely the obtained column label group is one of the full arrangement of all the column labels.
The present invention will be described in detail with reference to the accompanying drawings.
Example one
In the present embodiment, the public-private key factor is selected by row as an example for description.
Fig. 1A and fig. 1B are schematic diagrams of a private key factor matrix and a public key factor matrix, respectively. As shown, the private key factor matrix is SKM ═ Sij]Wherein i-0.. M-1, j-0.. N-1; the corresponding public key factor matrix is PKM ═ Pij]Wherein i is 0.. M-1, and j is 0.. N-1.
In an elliptic curve cryptosystem, if G is the base point of an elliptic curve, P isij=SijX G, i.e., PKM ═ SKM × G.
In a discrete logarithm cryptosystem, T ═ g, p, where p is a prime number, g is a finite field Fp generator, and g is less than p, then
The size of the key factor matrix is generally related to the security of the system and also to the size of the system (i.e. the number of users), and the length of the identifier determines the maximum number of users in the system.
In the following, the present embodiment is explained with reference to fig. 2 to 4, and in the flowcharts of fig. 2 to 4, before implementing the mapping method of the present invention, a key factor matrix with size M × N is already generated in the system, where N ═ 2n,M=2m. The mapping method of the invention is divided into three processes: verification process of key factor matrix, calculation process of row mark group and column mark group and calculation of keyAnd (6) carrying out the process.
It should be noted that, because the mapping method of the present invention can be applied to fixed-length binary identifiers with S bit, such as IPv4 and IPv6 addresses, and identifiers containing mixed elements of letters, numbers, and the like.
Therefore, for a system using a universal identifier similar to a DNS domain name, as shown in fig. 2, before performing verification of a key factor matrix, the universal identifier needs to be converted into a fixed-length binary identifier and directly used as the fixed-length binary identifier used in the following process (see step S101).
For the fixed-length binary flag identified as S bit, as shown in fig. 4, it can be directly used as the fixed-length binary flag used in the following process (see step S301).
In addition, as shown in fig. 3, a part of the fixed-length binary flag may be selected as the fixed-length binary flag used in the following process (see step S201). For example: if the area managed by the key generation center is a subnet of IPv6, and the subnet prefix is n bits, the system can only consider the interface identification part of 128-n bits to determine the size of the key factor matrix and the mapping between the identification and the key when taking the identification. Similarly, for a system using a universal identifier similar to a DNS domain name, when converting the universal identifier into a fixed-length identifier, only a part of the value calculated by a HASH (HASH) function or a Message Authentication Code (MAC) function may be used for mapping calculation according to the scale of the system.
Verification process of key factor matrix
The checking process of the key factor matrix is to check the size of the key factor matrix according to the length value of the fixed-length binary identifier or the fixed-length binary identifier converted from the non-fixed-length binary identifier.
Verifying the size of the key factor matrix includes:
factorizing the length value of the fixed-length binary mark; judging whether the size of the key factor matrix is proper or not according to the factorization result; and if the result of the judging step is yes, performing the calculation process of the row label group and the column label group. And if the result of the judging step is negative, regenerating the key factor matrix.
As shown in fig. 2, fig. 3 and fig. 4, the verification process for the key factor matrix is specifically as follows:
factorizing the length value of the fixed-length binary mark according to the condition that S is equal to M multiplied by r + k, wherein k is more than or equal to 0 and k is less than M (see step S102); if r is not more than n < S, the key factor matrix is available (see step S103); if r > n, the key factor matrix is too small, and the key factor matrix needs to be regenerated (see step S109), where M is the number of rows of the key factor matrix, S is the length value of the fixed-length binary identifier, k is 0 or a positive integer, and r and n are positive integers.
A specific example is taken for illustration: the binary identification of the S bit of fixed length in the system is expressed as: s ═ mxr (k ═ 0 at this time), it is still assumed that the public and private keys are calculated by selecting a public and private key factor in the public and private key factor matrix according to a certain mapping rule in each row through corresponding operation, and the size of the key factor matrix can be mx 2n’And n' is more than or equal to n. For example, in a system identified by an IPv6 address, if the IPv6 address is 128 bits, and 128 is 32 × 4, the size of the key factor matrix may be 32 × 24。
Second, calculation process of row label group and column label group
In order to calculate a public and private key corresponding to an identifier, a key factor for calculating the public and private key needs to be found out, and a row label group and a column label group corresponding to the key factor in a key factor matrix need to be calculated according to the identifier if the key factor needs to be located.
First, the calculation of the logo groups is performed.
In the above checking process of the key factor matrix, the length value of the fixed-length binary identifier ID is factorized according to S ═ M × r + k, where k is greater than or equal to 0 and k is less than M, M is the number of rows of the key factor matrix, and S is the length value of the fixed-length binary identifier. Since the above-described verification process of the key factor matrix has already been performed, r ≦ n < S in the formula.
Three methods are provided below for calculating the list group by the fixed-length binary identification ID.
First method
As shown in fig. 2, the calculation process is as follows:
if k < n-r, then calculate the set of indices Ci(ID)=[ID>>(i×r)]&(2n-1), i ═ 0.. M-1; wherein > represents a circular shift operation (see steps S104, S105);
if k is more than or equal to n-r, calculating the column symbol group C according to the following formulai(ID) (see step S110):
Ci(ID)=[ID>>(i×r)]&(2n-1),i=0...M-[k-(n-r)]-1,
Ci(ID)={ID>>[i×(r+1)]}&(2n-1),i=M-[k-(n-r)]...M-1
where > denotes a circular shift operation.
Second method
As shown in FIG. 3, the set of symbols C is calculated according to the following formulai(ID) (see step S205):
Ci(ID)={ID>>[i×(r+1)]}&(2n-1),i=0...M-1
where > denotes a circular shift operation.
Third method
As shown in FIG. 4, the set of symbols C is calculated according to the following formulai(ID) (see step S305):
Ci(ID)=[ID>>(i×r’)]&(2n-1),i=0...M-1
where > denotes a circular shift operation, S > r '> r, requiring that r' not be an S factor.
Next, the calculation of the row index group is performed.
The key factor is selected one from each row of the key factor matrix, so that the row index set is a permutation of (0.. M-1), as shown in fig. 2, and the simplest way is to directly select 0.. M-1 (see step S106).
Furthermore, the line index replacement can be performed by the following two methods:
first method
As shown in FIG. 3, in steps S206-S212, 0.. M-1 is sequentially placed in the array R [0]. R [ M-1 ]. The following operational steps are then performed:
1) setting i to 0;
2) judging whether the ID mod (M-i) < M-i-1 is established or not;
3) if the result of 2) is yes, exchanging the positions of R [ ID mod (M-i) ] and R [ M-i-1 ]; if the result of 2) is no, executing 4);
4) setting i ═ i +1, repeating steps 2) to 4), and ending until i ═ M-2.
The array R0.. R M-1 after the above processing is stored as a permutation of (0.. M-1). The data sequence stored in the replaced array is a row mark group.
Second method
As shown in fig. 4, in steps S306 to S312, 0.. M-1 is placed in reverse order in the array a [0]. a [ M-1 ]. The following operational steps are then performed:
1') setting i ═ 0;
2') judging whether ID mod (M-i) ≠ 0 is established;
3 ') if the judgment result of 2') is yes, exchanging the position of A [ ID mod (M-i) ] and A [ i ]; if the judgment result of 2 ') is negative, executing 4');
4 ') set i ═ i +1, repeat steps 2 ') to 4 ') until i ═ M-2 ends.
The array A [0]. A [ M-1] after the above processing is stored as a replacement of (0.. M-1). The data sequence stored in the replaced array is a row mark group.
In step S206 shown in fig. 3 and step S306 shown in fig. 4, the order in which 0.. M-1 is placed in the array may be sequential storage, reverse storage, or random storage.
Thirdly, calculating process of secret key
After the column label group and row label group corresponding to the identifier are calculated, the key factors corresponding to the row label group and column label group are selected from the key factor matrix (see step S107). For example: assuming that the size of the key factor matrix is 16 × 64, i.e., M is 16 and N is 64, the key factors that constitute the public and private keys are selected from the key factor matrix by rows. If, for an identifier ID, 16 values (8, 2, 62.. once.. 33) can be calculated as a column index according to the mapping method given above, the corresponding permutation of the row indices (3, 8, 1.. once.., 12) is then taken from the private key factor matrix S3,8,S8,2,S1,62,......,S12,33Calculating a private key corresponding to the ID; taking P from public key factor matrix by corresponding public key corresponding to identification ID3,8,P8,2,P1,62,......,P12,33And (4) calculating.
After the row label group and the column label group corresponding to the identifier are obtained, the public and private key pair is calculated (see step S108).
The private key is required to be kept secret, only the key management center can store the private key factor matrix, the private key can be generated only in the key management center and is issued to a corresponding entity after being generated, and each entity in the system does not know each private key factor used for calculating the private key of the entity; each identified public key is public throughout the domain managed by the key management center, so the public key factor matrix needs to be public.
In a discrete logarithm cryptosystem, the system parameter T ═ { g, p }, where p is a prime number and g is a finite field FpAnd g is less than p. One column corresponding to the ID is marked as C0,C1~CM-1The corresponding row is denoted R0,R1~RM-1,S[Ri,Ci]If the private key factor is the private key factor corresponding to the identifier, identifying the private key corresponding to the ID:
the corresponding public key:
if the system is an elliptic curve cryptosystem, the system parameter T: (a, b, G, n, p), where p is a positive integer, Fp is a finite field, a, b is a positive integer on Fp, G is a base point on the elliptic curve E (Fp), and n is a prime number, which is the order of the base point G. One column corresponding to the ID is marked as C0,C1~CM-1The corresponding row is denoted R0,R1~RM-1And then, identifying a private key corresponding to the ID:
the corresponding public key:
example two
In this embodiment, the row-wise selection of the public-private key factors is described with reference to fig. 5. The public and private key factors are calculated similarly whether they are selected by row or column.
The private key factor matrix and the public key factor matrix as in fig. 1A and 1B are also employed. Before the method of the embodiment is executed, a key factor matrix with the size of M multiplied by N is generated in the system, wherein N is 2n,M=2m. In the present embodiment, the size of the key factor matrix is expressed as S-2mAnd (4) times N. The mapping method of the present embodiment is also divided into three processes: the method comprises a key factor matrix verification process, a row mark group and column mark group calculation process and a key calculation process.
The mapping method of the present invention can be used for fixed-length binary identifiers with S bit and binary identifiers with non-fixed length composed of mixed elements of letters, numbers, etc. such as IPv4 and IPv6 addresses. In the flow chart of fig. 5, a key factor matrix of size mxn, where N is 2, has been generated in the system before implementing the mapping method of the present inventionn,M=2mAnd m is a positive integer. The identifier shown in fig. 5 is a universal identifier, and it is necessary to convert the identifier into a binary identifier and select a part of the binary identifier as a fixed-length binary identifier in the following steps (see step S401).
Verification process of key factor matrix
The verification process of the key factor matrix is the same as the first embodiment except that the number of rows M of the key factor matrix is replaced by the number of columns N of the key factor matrix at the time of factorization. The specific process is as in step S402, step S403 and step S409 of fig. 5: factorizing the length value S of the fixed-length binary mark according to the condition that S is equal to Nxr + k, wherein k is more than or equal to 0 and is less than N; if r is less than or equal to m and less than S, the key factor matrix is available; if r > m, the key factor matrix is too small and needs to be regenerated.
Second, calculation process of row label group and column label group
In this embodiment, since the key factors are selected according to columns, the row label group needs to be calculated and then the column label group needs to be replaced.
First, the calculation of the line index group is performed.
In the verification process of the key factor matrix, the fixed-length binary identifier ID is factorized according to S ═ N × r + k, where k is greater than or equal to 0 and k is less than N, and N is the number of columns of the key factor matrix. Since the verification process of the key factor matrix has already been passed, r ≦ m < S in this formula. There are also three methods for calculating the row mark group by the fixed-length binary mark ID:
the first method (not shown) is to calculate the row symbol set C according to the following formulai(ID):
If k < m-r, Ci(ID)=[ID>>(i×r)]&(2m-1),i=0...N-1
Where > denotes a circular shift operation;
if k is not less than m-r, Ci(ID)=[ID>>(i×r)]&(2m-1),i=0...N-[k-(m-r)]-1,
Ci(ID)={ID>>[i×(r+1)]}&(2m-1),i=M-[k-(m-r)]...N-1,
Where > denotes a circular shift operation.
The second method (not shown) calculates the set of line symbols C according to the following formulai(ID):
Ci(ID)={ID>>[i×(r+1)]}&(2m-1),i=0...N-1
Where > denotes a circular shift operation.
The third method, see step S405 in FIG. 5, calculates the set of line markers C according to the following formulai(ID),
Ci(ID)=[ID>>(i×r’)]&(2m-1),i=0...N-1
Where > denotes a circular shift operation, S > r '> r, requiring that r' is not a factor of S.
Then, the calculation of the list group is performed.
The key factor is selected one from each column of the key factor matrix, so that the set of columns is a permutation of (0.. N-1), the simplest way being to directly select 0.. N-1 (not shown in the figure). In addition, the same substitution can be carried out by slightly changing the two methods in the first embodiment:
in a first method (not shown), 0.. N-1 is stored sequentially, in reverse order, or in a random order in the array R [0]. R [ N-1 ]. The following operational steps are then performed:
1) setting i to 0;
2) judging whether the ID mod (N-i) < N-i-1 is established or not;
3) if the result of 2) is yes, exchanging R [ ID mod (N-I) ] and R [ N-I-1] for position; if the result of 2) is no, executing 4);
4) setting i ═ i +1, repeating steps 2) to 4), and ending until i ═ N-2.
The array R0.. RN-1 processed above stores a permutation of (0.. N-1). The data sequence stored in the replaced array is the column label group.
As shown in steps S406 to S412 of fig. 5, the second method stores 0.. N-1 in sequence, in reverse order, or in random order in the array a [0]. a [ N-1 ]. The following operational steps are then performed:
1') setting i ═ 0;
2') judging whether ID mod (N-i) ≠ 0 is established;
3 ') if the result of 2') is yes, exchanging A [ ID mod (N-I) ] and A [ I ] for position; if the result of 2 ') is no, then execute 4');
4 ') set i ═ i +1, repeat steps 2 ') to 4 ') until i ═ N-2 ends.
The array A [0]. A [ N-1] after the above processing is stored with a replacement of (0.. N-1). The data sequence stored in the replaced array is the column label group.
Third, the calculation process of the key is the same as that of the first embodiment, and is not described herein again.
The invention simplifies the mapping method from the identifier to the key, has simple and high-efficiency mapping method and easy realization, and can realize conflict-free mapping from the identifier to the key for the identifiers such as IPv4 and IPv 6.
The above examples are intended to illustrate the invention, but not to limit the invention.
Claims (27)
1. A method for mapping identities and keys, applied in a combined identity-based key management system in which a key factor matrix has been generated, the method comprising the steps of:
step 1, checking the size of a key factor matrix according to the length value of a fixed-length binary identifier or a fixed-length binary identifier converted from a non-fixed-length binary identifier;
step 2, calculating corresponding row mark groups and column mark groups of the key factors in the key factor matrix according to the fixed-length binary marks;
and 3, calculating a key corresponding to the fixed-length binary identification by using the key factors corresponding to the row mark group and the column mark group.
2. The identifier and key mapping method according to claim 1, wherein the step 1 comprises:
factorizing the length value of the fixed-length binary mark;
judging whether the size of the key factor matrix is proper or not according to the factorization result;
and if the judgment result is appropriate, executing the step 2.
3. The identifier and key mapping method according to claim 2, wherein the step 1 further comprises: and if the judgment result is not suitable, regenerating the key factor matrix.
4. Method for mapping identities and keys according to claim 2 or 3, characterized in that the size of the key factor matrix is expressed as mx 2nThe factorization of the length value of the fixed-length binary identifier is performed according to a formula, wherein the formula has the expression:
S=M×r+k;
wherein, S: length value of the fixed-length binary mark; m: the number of rows of the key factor matrix; 2n: the number of columns of the key factor matrix; k is more than or equal to 0 and is less than M; s, M, k, r and n are integers.
5. The identifier and key mapping method of claim 4, wherein determining whether the size of the key factor matrix is appropriate is:
judging whether r is larger than n; if the judgment result is that r is not more than n and is less than S, the size of the key factor matrix is proper;
if the judgment result is that r is larger than n, the size of the key factor matrix is not appropriate;
wherein, S: length value of the fixed-length binary mark; n and r are integers.
6. The identifier and key mapping method of claim 4, wherein the step 2 comprises:
calculating a column mark group corresponding to the fixed-length binary mark;
and replacing all row marks of the key factor matrix to obtain a row mark group corresponding to the fixed-length binary mark.
7. The identifier and key mapping method of claim 6, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:
judging whether k is more than n-r;
if the judgment result is yes, calculating the list mark group C according to a formulai(ID), the expression of this formula is: ci(ID)=[ID>>(i×r)]&(2n-1), i ═ 0 … M-1; wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier;
if the judgment result is negative, calculating the list mark group C according to a formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r)]&(2n-1),i=0...M-[k-(n-r)]-1, and
Ci(ID)={ID>>[i×(r+1)]}&(2n-1),i=M-[k-(n-r)]…M-1;
wherein > represents a cyclic shift operation, and ID is the fixed-length binary identifier; m, k, n, r and i are integers.
8. The identifier and key mapping method of claim 6, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:
calculating the list group C according to a formulai(ID), the formula expression is:
Ci(ID)={ID>>[i×(r+1)]}&(2n-1),i=0...M-1;
wherein > > represents a cyclic shift operation; ID is a fixed-length binary identification; n, r and i are integers.
9. The identifier and key mapping method of claim 6, wherein said computing a set of tokens corresponding to a fixed-length binary identifier comprises:
calculating the list group C according to a formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r’)]&(2n-1),i=0...M-1
wherein, the >; s is the length value of the fixed-length binary mark; r, r', n and i are integers.
10. The identifier and key mapping method of claim 6, wherein the permuting all row labels of the key factor matrix comprises:
directly selecting a data sequence as a row mark group, wherein the data sequence is as follows: 0, 1,..., M-1, where M is the number of rows of the key factor matrix.
11. The identifier and key mapping method of claim 6, wherein the permuting all row labels of the key factor matrix comprises:
storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1.... am-1;
wherein i is 0, 1,.. am-1; m is the number of rows in the key factor matrix.
12. The identifier and key mapping method of claim 11, wherein the step of permuting all row labels of the key factor matrix further comprises the steps of:
step 11, setting i to 0;
step 12, judging whether the ID mod (M-i) < M-i-1 is established or not;
step 13, if the judgment result in the step 12 is yes, exchanging the positions of R [ ID mod (M-i) ] and R [ M-i-1 ]; if the judgment result in the step 12 is negative, executing a step 14;
step 14, setting i to i +1, and judging whether i is equal to M-2;
step 15, if the judgment result in the step 14 is negative, repeating the steps 12 to 15; if the result of the determination in step 14 is yes, the replacement is ended, and the array R [ i ] processed in the above step stores a replacement of (0 … M-1).
13. The identifier and key mapping method of claim 11, wherein the step of permuting all row labels of the key factor matrix further comprises the steps of:
step 21, setting i to 0;
step 22, judging whether ID mod (M-i) ≠ 0 is true;
step 23, if the judgment result in step 22 is yes, exchanging the positions of R [ (ID mod (M-i)) + i ] and R [ i ]; if the judgment result in the step 22 is negative, executing a step 24;
step 24, setting i to i +1, and judging whether i is equal to M-2;
step 25, if the judgment result in the step 24 is negative, repeating the steps 22 to 25; if the result of the determination in step 24 is yes, the replacement is ended, and the array R [ i ] processed in the above step stores a replacement of (0 … M-1).
14. Method for mapping identities and keys according to claim 2 or 3, characterized in that the size of the key factor matrix is expressed as 2mX is N; factoring the length value of the fixed-length binary mark according to a formula, wherein the formula has the expression:
S=N×r+k;
wherein, S: length value of the fixed-length binary mark; 2m: the number of rows of the key factor matrix; n: the number of columns of the key factor matrix; k is more than or equal to 0 and k is less than N; s, N, k, r and m are integers.
15. The identifier and key mapping method of claim 14, wherein determining whether the size of the key factor matrix is appropriate comprises:
judging whether r is larger than m; if the judgment result is that r is not more than m and is less than S, the size of the key factor matrix is proper;
if the judgment result is that r is larger than m, the size of the key factor matrix is not appropriate;
wherein, S: length value of the fixed-length binary mark; m and r are integers.
16. The identifier and key mapping method of claim 14, wherein the step 2 comprises:
calculating a row mark group corresponding to the fixed-length binary mark;
and replacing all the column marks of the key factor matrix to obtain a column mark group corresponding to the fixed-length binary mark.
17. The identifier and key mapping method of claim 16, wherein said computing a set of row labels corresponding to a fixed-length binary identifier comprises:
judging whether k is more than m-r;
if the judgment result is yes, calculating a line mark group C according to a formulai(ID), the expression of this formula is:
Ci(ID)=[ID>>(i×r)]&(2m-1),i=0…N-1;
if the judgment result is negative, calculating the line mark group C according to a formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r)]&(2m-1),i=0…N-[k-(m-r)]-1, and
Ci(ID)={ID>>[i×(r+1)]}&(2m-1),i=N-[k-(m-r)]…N-1;
wherein, the equation represents the cyclic shift operation, and the ID is the fixed-length binary identification; n, k, r, m and i are integers.
18. The identifier and key mapping method of claim 16, wherein said computing a set of row labels corresponding to a fixed-length binary identifier comprises:
calculating line symbol group C according to formulai(ID), the formula expression is:
Ci(ID)={ID>>[i×(r+1)]}&(2m-1),i=0...N-1;
wherein, the equation represents the cyclic shift operation, and the ID is the fixed-length binary identification; n, r, m and i are integers.
19. The identifier and key mapping method of claim 16, wherein said computing a set of row labels corresponding to a fixed-length binary identifier comprises:
calculating line symbol group C according to formulai(ID), the formula expression is:
Ci(ID)=[ID>>(i×r’)]&(2m-1),i=0...N-1
wherein, the >; r', r, m and i are integers.
20. The identifier and key mapping method of claim 16, wherein the permuting all columns of the key factor matrix comprises:
directly selecting a data sequence as a list mark group, wherein the data sequence is as follows: 0, 1.
21. The identifier and key mapping method of claim 16, wherein the permuting all columns of the key factor matrix comprises:
storing data sequences in sequence, reverse sequence or random sequence in an array R [ i ], wherein the data sequences are as follows: 0, 1...., N-1;
wherein i is 0, 1, a. N is the number of columns of the key factor matrix.
22. The identifier and key mapping method of claim 21, wherein the step of permuting all columns of the key factor matrix further comprises the steps of:
step 31, setting i to 0;
step 32, judging whether the ID mod (N-i) < N-i-1 is established;
step 33, if the judgment result in the step 32 is yes, exchanging the positions of R [ ID mod (N-i) ] and R [ N-i-1 ]; if the judgment result in the step 32 is negative, executing a step 34;
step 34, setting i to i +1, and judging whether i is equal to N-2;
step 35, if the judgment result in the step 34 is negative, repeating the steps 32 to 35; if the result of the determination in step 34 is YES, the permutation is finished, and the array R [ i ] processed in the above step stores a permutation of (0 … M-1).
23. The identifier and key mapping method of claim 21, wherein the step of permuting all columns of the key factor matrix further comprises the steps of:
step 41, setting i to 0;
step 42, judging whether ID mod (N-i) ≠ 0 is true;
step 43, if the judgment result in step 42 is yes, exchanging the positions of R [ (ID mod ((N-i) + i)) and R [ i ]; if the judgment result of the step 42 is negative, executing a step 44;
step 44, setting i to i +1, and judging whether i is equal to N-2;
step 45, if the result of step 44 is negative, repeating steps 42 to 45; if the result of step 44 is YES, the permutation is complete and the array R [ i ] processed by the above steps stores a permutation of (0 … M-1).
24. The identifier and key mapping method of claim 1, wherein said step 3 comprises:
selecting key factors corresponding to the row mark groups and the column mark groups from the key factor matrix;
and calculating a key corresponding to the fixed-length binary identification by using the key factor.
25. The method for identifier and key mapping according to claim 24, wherein in a discrete logarithm cryptosystem, the key is calculated according to a formula using a key factor; wherein,
according to the formula <math> <mrow> <mrow> <msub> <mi>SK</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>Σ</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> </mrow> <mfenced open='' close=''> <mtable> <mtr> <mtd> <mi>mod</mi> </mtd> <mtd> <mi>p</mi> </mtd> </mtr> </mtable> </mfenced> </mrow> </math> Computing the private Key SKID;
According to the formula Computing public key PKID;
Where p and g are parameters of a discrete logarithm cryptosystem, RiIs a column label, CiFor line marking, SRi,Ci]Is the private key factor corresponding to the identity.
26. The method for identifier and key mapping according to claim 24, wherein in an elliptic curve cryptosystem, the key is calculated according to a formula using a key factor; wherein,
according to the formula <math> <mrow> <mrow> <msub> <mi>SK</mi> <mi>ID</mi> </msub> <mo>=</mo> <munderover> <mi>Σ</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>0</mn> </mrow> <mi>M</mi> </munderover> <mi>S</mi> <mo>[</mo> <msub> <mi>R</mi> <mi>i</mi> </msub> <mo>,</mo> <msub> <mi>C</mi> <mi>i</mi> </msub> <mo>]</mo> </mrow> <mfenced open='' close=''> <mtable> <mtr> <mtd> <mi>mod</mi> </mtd> <mtd> <mi>n</mi> </mtd> </mtr> </mtable> </mfenced> </mrow> </math> Computing the private Key SKID;
According to formula SKID=SKIDX G calculation public key PKID;
Wherein n and G are parameters R of elliptic curve cryptosystemiIs a column label, CiFor line marking, SRi,Ci]Is the private key factor corresponding to the identity.
27. The identifier and key mapping method according to claim 1, wherein a hash function or a message authentication code function is used to convert the non-fixed-length binary identifier into a fixed-length binary identifier.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610115440A CN100589375C (en) | 2006-08-09 | 2006-08-09 | Mapping method for identification and key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610115440A CN100589375C (en) | 2006-08-09 | 2006-08-09 | Mapping method for identification and key |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1909445A true CN1909445A (en) | 2007-02-07 |
| CN100589375C CN100589375C (en) | 2010-02-10 |
Family
ID=37700444
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200610115440A Expired - Fee Related CN100589375C (en) | 2006-08-09 | 2006-08-09 | Mapping method for identification and key |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100589375C (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101420300B (en) * | 2008-05-28 | 2013-05-29 | 北京易恒信认证科技有限公司 | Double factor combined public key generating and authenticating method |
| CN105897405A (en) * | 2016-06-02 | 2016-08-24 | 北京赛思信安技术股份有限公司 | 128-bit symmetric secret key production and protection method |
| CN110490338A (en) * | 2019-08-19 | 2019-11-22 | 蘑菇物联技术(深圳)有限公司 | A kind of electromechanical equipment genuine part method of calibration based on cloud computing |
| CN114065188A (en) * | 2021-10-18 | 2022-02-18 | 北京迪曼森科技有限公司 | Key seed matrix, certificateless anti-collision key generation method based on the matrix |
-
2006
- 2006-08-09 CN CN200610115440A patent/CN100589375C/en not_active Expired - Fee Related
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101420300B (en) * | 2008-05-28 | 2013-05-29 | 北京易恒信认证科技有限公司 | Double factor combined public key generating and authenticating method |
| CN105897405A (en) * | 2016-06-02 | 2016-08-24 | 北京赛思信安技术股份有限公司 | 128-bit symmetric secret key production and protection method |
| CN105897405B (en) * | 2016-06-02 | 2019-04-05 | 北京赛思信安技术股份有限公司 | 128 Symmetric key generations of one kind and protective device |
| CN110490338A (en) * | 2019-08-19 | 2019-11-22 | 蘑菇物联技术(深圳)有限公司 | A kind of electromechanical equipment genuine part method of calibration based on cloud computing |
| CN114065188A (en) * | 2021-10-18 | 2022-02-18 | 北京迪曼森科技有限公司 | Key seed matrix, certificateless anti-collision key generation method based on the matrix |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100589375C (en) | 2010-02-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1251715A (en) | Cyclotomic polynomial construction of discrete logarithm cryptosystem over finite fields | |
| CN1870499A (en) | Method for generating multiple variable commom key password system | |
| CN1093665C (en) | Data Hiding and Data Extraction Methods Using Statistical Tests | |
| CN1728634A (en) | The method and apparatus that multiplies each other in the Galois Field and invert equipment and byte replacement equipment | |
| CN1729645A (en) | Secure communications | |
| CN1707999A (en) | Distribution management of certificate revocation lists | |
| CN1338166A (en) | Public and private key cryptographic method | |
| CN1349182A (en) | Encipher decipher devices and device for producing expanded key, method and recording medium therefor | |
| CN1656733A (en) | S-BOX encryption in block cipher implementations | |
| CN1905438A (en) | Combined key managing method and system based on ID | |
| CN101034424A (en) | Date safety storing system, device and method | |
| CN1845213A (en) | A Method for Realizing Encryption and Decryption in SMS4 Cipher Algorithm | |
| CN1941699A (en) | Cryptographic methods, host system, trusted platform module, and computer arrangement | |
| CN1177245A (en) | Enciphering method, deciphering method and certifying method | |
| CN1324028A (en) | Document managing device | |
| CN1921382A (en) | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device | |
| CN1275846A (en) | Device and method for data encipher | |
| CN1146184C (en) | Cluster password management method between first computer unit and cluster computer unit | |
| CN1909445A (en) | Mapping method for identification and key | |
| CN1602615A (en) | Packet routing device and packet routing method | |
| CN1806224A (en) | Method for defence against differential power analysis attacks | |
| CN1242321C (en) | Power residue arithemic unit using Montgomery algorithm | |
| CN1836396A (en) | Traceable method and system for encrypting and/or decrypting data, and recording media therefor | |
| CN1831900A (en) | Decryption apparatus and decryption method | |
| CN1163814C (en) | A digital data transformation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100210 Termination date: 20150809 |
|
| EXPY | Termination of patent right or utility model |