信息安全与通信保密
信息安全與通信保密
신식안전여통신보밀
CHINA INFORMATION SECURITY
2012年
12期
116-117,120
,共3页
身份认证%密钥协商%时间戳
身份認證%密鑰協商%時間戳
신빈인증%밀약협상%시간착
identification authentication%key negotiation%timestamp
利用通信双方密码设备的身份特征和共享密钥,提出了一种基于身份认证的密钥协商模型,采用与时间戳机制相绑定的分组密码算法、杂凑算法加密体制,定义了密码设备进行密钥协商的工作流程,按此流程进行双方通信密钥的按需协商以及共享密钥的实时有效更新,保证了密钥协商过程的机密性、完整性、防重放性和不可预测性,为某些应用模式下密码设备的安全密钥交换提供了一种有效实用的技术手段。
利用通信雙方密碼設備的身份特徵和共享密鑰,提齣瞭一種基于身份認證的密鑰協商模型,採用與時間戳機製相綁定的分組密碼算法、雜湊算法加密體製,定義瞭密碼設備進行密鑰協商的工作流程,按此流程進行雙方通信密鑰的按需協商以及共享密鑰的實時有效更新,保證瞭密鑰協商過程的機密性、完整性、防重放性和不可預測性,為某些應用模式下密碼設備的安全密鑰交換提供瞭一種有效實用的技術手段。
이용통신쌍방밀마설비적신빈특정화공향밀약,제출료일충기우신빈인증적밀약협상모형,채용여시간착궤제상방정적분조밀마산법、잡주산법가밀체제,정의료밀마설비진행밀약협상적공작류정,안차류정진행쌍방통신밀약적안수협상이급공향밀약적실시유효경신,보증료밀약협상과정적궤밀성、완정성、방중방성화불가예측성,위모사응용모식하밀마설비적안전밀약교환제공료일충유효실용적기술수단。
With the identity features and sharing keys of both the communication parties' crypto equipments, a key agreement model based on identity authentication is proposed. With ciphering systems of block crypto algorithm bound with time stamp and harsh algorithm, the working flow of key agreement of crypto equipments is defined, and with this flow, the on-demand agreement of both parties' communication key and the real-time update of sharing key are realized, thus to guarantee the confidentiality, integrity, anti-replay and unpredictability of the key agreement process and provide an effective technical means for secure key exchange of crypto equipments in certain application mode.
