Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Key management mechanism

A key management and key technology, applied in key distribution, can solve the problem of inability to solve the security of cryptographic device key management, the use of device keys cannot meet customer requirements, etc., to ensure safe use and ensure safe management. , Solve the effect of safe and reliable

Inactive Publication Date: 2011-03-16
WUXI JIANGNAN INFORMATION SAFETY ENG TECH CENT
View PDF2 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The present invention provides a safe and convenient key management mechanism in view of the fact that the use of device keys in the prior art cannot meet customer requirements, and cannot solve the security problems of cryptographic devices in key management and use

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Key management mechanism
  • Key management mechanism
  • Key management mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] Key management mechanisms such as figure 1 , figure 2 and image 3 As shown, the steps are as follows:

[0033] Key management mechanism, the steps of the key management are as follows:

[0034] The first step: Initialize the cryptographic device in the initial state, that is, clear all keys in the key storage area of ​​the cryptographic device, generate two 128-bit symmetric keys called component 1 and component 2, and convert component 1 to Stored in the key storage area of ​​the cryptographic device, component 2 is temporarily stored in the memory;

[0035] The second step: regenerate the device signing key, that is, generate a pair of public and private keys as the signing key of the device and store it in the signing key storage area of ​​the key, copy the device signing key to the device encryption key storage area, Put the cryptographic device in the ready state;

[0036] Step 3: Regenerate the administrator’s signature key, that is, generate a pair of publ...

Embodiment 2

[0048] According to the figure below, some characteristics and changing steps of the key are described in detail to ensure the safe management of the key. Through various initializations of the key, the initialization method and process are explained to ensure the safe use of the key, so as to solve the problem of cryptographic equipment in key management. And the problem of achieving safety and reliability in use.

[0049] 1. Key generation and storage:

[0050] 1. Device key: the signature key pair is generated by the cryptographic device during the original initialization, and the cryptographic device is in the ready state after the key is generated. In this state, you can export its public key to apply for a certificate from a certificate authority at any time. The device encryption key pair is generated by an external key management center, and its private key is protected by a device signature public key as a digital envelope, which can be downloaded to the encryption d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of computer information security, and discloses a safe and convenient key management mechanism. The key management mechanism comprises the following steps: firstly, primitively initializing cryptographic equipment in an initial state, and then generating an equipment signature key and an administrator signature key; issuing all administrator certificates, and then generating a backup key, a backup equipment key and a memory equipment key to finish primitive initialization; and electrifying for initializing the cryptographic equipment in a ready state. By adopting the technical scheme, the key management mechanism ensures key safety management, and ensures key safety use by explaining the initialization mode and process through various types of key initialization, thus solving the problem of realizing the safety and reliability of the cryptographic equipment in terms of key management and use.

Description

technical field [0001] The invention relates to the field of computer information security, in particular to a key management mechanism applied to information security equipment based on PKI technology to ensure safe and convenient key management in the equipment. Background technique [0002] At present, in information security equipment based on PKI technology, the key management does not meet the requirements, the use of device keys cannot meet the requirements of not being open to application systems, and the keys are not generated and stored in a safe way; Keys other than the public key often appear outside the cryptographic device in plain text; the key stored inside the cryptographic device does not have an effective key protection mechanism, and there will be phenomena of dissection, detection, and illegal reading by outsiders; at the same time, the cryptographic device The internally stored key does not have a permission control mechanism, and illegal use and illega...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L9/08
Inventor 刘平徐强
Owner WUXI JIANGNAN INFORMATION SAFETY ENG TECH CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products