Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Multi-KMC key recovery method

A key recovery and key technology, applied in the field of information security, can solve the problems of KMC breach and key leakage, and achieve the effect of ensuring security, simplifying complexity, and ensuring transmission security.

Inactive Publication Date: 2017-09-15
JINAN INSPUR HIGH TECH TECH DEV CO LTD
View PDF4 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] With the development of network attack technology, a single KMC can no longer meet the demand. KMC may be compromised, and there is a risk of key leakage. On the other hand, social engineering attacks and other attacks against insiders will also cause KMC to be compromised.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-KMC key recovery method
  • Multi-KMC key recovery method
  • Multi-KMC key recovery method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] A multi-KMC key recovery system, which includes a user encryption terminal, KMC and a third-party CA center;

[0043] The user encryption terminal is responsible for the generation of random numbers and keys, key division, and data packet signature verification, encryption and decryption operations;

[0044] The KMC is responsible for the preservation and restoration of the split key;

[0045] The third-party CA center is responsible for issuing digital certificates for each participant.

[0046] The multiple KMC key recovery method is realized through two parts: key backup and key recovery;

[0047] Key backup: The third-party CA center first issues a digital certificate to each participant, and then uses a user encryption terminal to generate a random number. According to the threshold number of the set KMC, a threshold algorithm is used to split the key, and the split random number Sign it, encrypt it with the public key of each KMC, and upload it to KMC for key backup;

[004...

Embodiment 2

[0068] A multi-KMC key recovery system, which includes a user encryption terminal, KMC and a third-party CA center;

[0069] The user encryption terminal is responsible for the generation of random numbers and keys, key division, and data packet signature verification, encryption and decryption operations;

[0070] The KMC is responsible for the preservation and restoration of the split key;

[0071] The third-party CA center is responsible for issuing digital certificates for each participant.

[0072] For clarity of description, assume that in this embodiment, the encryption key algorithm is the SM2 national secret algorithm, the SM3 national secret algorithm is used as the digest algorithm, the SM3 SM2 national secret algorithm is used as the signature algorithm, and the digital certificate is in the X509 format. In addition, the KMC threshold mofn involved in key backup and recovery is (2,3), which means that there are 3 KMCs used to back up the key, and any 2 of them can restore ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a multi-KMC key recovery method. The method is realized through two parts including key backup and key recovery, wherein the key backup comprises the following steps of making a third-party CA center issue a digital certificate to each participator, utilizing a user encryption terminal to generate random numbers, utilizes a threshold algorithm to carry out partitioning on a key according to the set KMC threshold number, signing the divided random numbers, utilizing a public key of each KMC to encrypt and uploading to the KMC to carry out key backup; the key recovery comprises the following steps of making a key request for the corresponding KMC according to the KMC threshold number and recovering the key from the user encryption terminal. The method has the following characteristics that 1) the generation intensity of the random numbers is guaranteed and the operation complexity is simplified; 2) even if the part of KMC is broken, the key cannot be leaked, and even if the part of KMC is destroyed, the recovery of the backup key can be also guaranteed; and 3) the security of the encryption key is guaranteed and the key transmission security is also guaranteed.

Description

Technical field [0001] The invention relates to the technical field of information security, in particular to a method for restoring multiple KMC keys. Background technique [0002] In recent years, as information security incidents have shown an increasing trend year by year, people have paid more and more attention to network information security issues. Network security incidents are frequent. Cyber ​​attacks have risen from personal incidents such as information leakage, fund theft, telecommunications fraud and phishing websites to security incidents in the whole society, which will affect our lives, government services, social stability and even social security. In today’s era of big data, in order to manage and use big data well, the premise must be to ensure the security of big data. This requires a credible computing environment, and the core of a credible computing environment is to ensure participation Party’s key is safe. [0003] In a trusted computing environment, th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/08H04L9/32
Inventor 孙善宝于治楼李秀芳
Owner JINAN INSPUR HIGH TECH TECH DEV CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com