
TWI430643B - Secure key recovery system and method - Google Patents

Publication number: TWI430643B
Authority: TW (Taiwan)
Prior art keywords: key, card, reply, hsm, center
Application number: TW99133952A
Other languages: Chinese (zh)
Other versions: TW201216663A (en)
Original Assignee: Chunghwa Telecom Co Ltd
Application filed by Chunghwa Telecom Co Ltd
Priority to TW99133952A
Publication of TW201216663A
Application granted
Publication of TWI430643B

Landscapes

  • Retry When Errors Occur (AREA)
  • Storage Device Security (AREA)

Description

Secure key recovery system and method

The invention concerns key backup and recovery, so that ciphertext can still be decrypted and restored if the key that encrypted the data is lost, damaged or stolen. With the support of high-security cryptographic storage devices such as IC cards and hardware security modules (HSMs), the key recovery system is more secure during key storage and transmission and harder for attackers to break.

Earlier key recovery technology comprises a card management center, a key custody center and a key recovery center. The key recovery mechanism handles recovery requests only for the private key of the encryption/decryption key pair. Each IC card contains two key pairs: a signing key pair and an encryption/decryption key pair.

The earlier card management center contains one hardware security module (HSM) and one console PC that operates and manages the HSM and the IC card production process. The HSM in the card management center is responsible for generating the end user's (hereinafter EE) encryption/decryption key pair and for splitting the encryption/decryption private key into shares and encrypting them. The card management center sends the encrypted shares of the private key to the key custody center, which sits on a different network segment, and the data must travel over an encrypted secure channel (for example SSL) to each key storage system of the key custody center. When an HSM is connected to a key carrier, the potential problems are: 1. how the important information in the key carrier is passed to the HSM; 2. how the HSM can switch, according to the important information in the key carrier, in order to sign; 3. whether the key carrier can decrypt the encrypted EE encryption/decryption private key internally; 4. whether the key carrier can itself store the decrypted EE encryption/decryption private key internally; 5. the division of responsibilities between the card management center and key recovery is unclear, and the operating procedure is rather complicated.

The earlier key custody center contains a plurality of key storage systems. Each key storage system stores the shares into which each EE decryption private key has been split and encrypted. Each key storage system contains a key recovery center (hereinafter KRC). A key storage system stores only encrypted shares and no unencrypted data. It has no ability to decrypt and recombine the encrypted shares it stores. It can only accept and store encrypted shares sent from the card management center, and it can only send encrypted shares to the key recovery center. The key storage systems of the key custody center may be located in different geographic locations.

The earlier key recovery center contains one hardware security module (HSM) and one console PC that operates and manages the HSM and the key recovery process. The HSM in the key recovery center performs the recovery operation: it decrypts the separately encrypted shares, combines them into the EE encryption/decryption private key, and writes that key back to an IC card. Based on IC card information (such as the IC card number), the encrypted shares of the EE decryption private key that correspond to the IC card are obtained from the key storage systems of the key custody center. The HSM in the key recovery center uses its KRC private key to decrypt each encrypted share, combines the shares into the original EE decryption private key, and writes the recovered EE decryption private key directly to a dedicated key recovery IC card. If the key recovery center and the key custody center are on different network segments, the data must be transferred from the key storage systems of the key custody center to the key recovery center over an encrypted secure channel (for example SSL). The potential problems are: 1. if the KRC's HSM operates as two or more units, each handling encrypted private-key shares from the key custody center, then after the units decrypt individually, how can the decrypted shares be gathered securely and combined into one EE private key; 2. man-in-the-middle attacks are possible. Earlier key recovery technology cannot effectively solve this problem.

Because the traditional key recovery mechanism still has many security weaknesses and open questions of attack and defence, this secure key recovery method specifically corrects those problems and develops a more stable, robust and secure new-generation key recovery concept.

It can be seen that the conventional approach described above still has shortcomings, is not a good design, and urgently needs improvement.

In view of the shortcomings of the conventional approach, the inventors sought to improve and innovate and, after painstaking and dedicated research, succeeded in developing this secure key recovery method.

The object of the invention is to provide a secure key recovery system and method that improves the security of key recovery and prevents a malicious intermediary program from attacking the key during recovery and obtaining the plaintext of the backed-up or recovered key.

A secure key recovery system and method that achieves this object ensures that no intermediary program can obtain the plaintext of the backed-up or recovered key during key recovery. The invention uses IC chip cards and an HSM to support the secure key recovery system and method. The invention comprises: 1. key backup technology; 2. key recovery technology; 3. a secure communication protocol for key backup and recovery.

(1) Key backup technology: the main operating roles are the key recovery center (KRC) and the card management center (CMC). The two centers share one database, each using its own tables without interfering with the other. (2) Key recovery technology: comprises the detailed operating procedures of the Certificate Management Center Repository (Repository), the card management center and the key recovery center. (3) Secure communication protocol for key backup and recovery: comprises the computation flow of the security protocol.

Referring to Figure 1, the overall relationship diagram of the secure key recovery system, the roles in its implementation are:

(1) Certificate Management Center Repository (Repository) 11: mainly provides the key recovery center with certificate download, status query, download of key recovery application forms, and related announcements.

(2) Audit host (Audit) 12: mainly records the important data of key backup and key recovery operations and provides the related security audit queries.

(3) Card Management Center (CMC) 13:

a. The card management center takes the recovery key Kr, generated by the key recovery center for mutual authentication between the HSM and the IC card (this key is used exclusively in the key recovery protocol; hereinafter Kr refers to this protocol key), in the form encrypted under another key KKr (used exclusively to encrypt and decrypt Kr; hereinafter KKr), and stores that encrypted data in the card management database. It writes KKr into the IC card. At the key recovery center, Kr is written into the HSM using A/B key-share code sheets, so that the key is not exposed.

b. It provides initialized blank IC cards to the key recovery center for key backup and recovery. These cards already contain the IC card program required for key backup/recovery (hereinafter Applet) and the Kr data encrypted under KKr.

(4) Key Recovery Center (KRC) 14: the core of key backup and recovery. It backs up keys at card issuance; at key recovery it reviews the application and then writes and prints the recovery card.

(5) Key recovery database 15: mainly stores the backed-up keys and the data related to key recovery.

Referring to Figure 2, the key backup role relationship and flow diagram, the roles in its implementation are: key recovery center (key generation and recovery card writing) 21, data management center (shared DBMS) 22, and card management center (pre-personalization) 23.

There are two main operating roles: the key recovery center and the card management center. They share one database, each using its own tables without interfering with the other. Before key backup at card issuance can proceed, the following preparatory work must be completed:

(1) The HSM of the key recovery center and the IC cards to be issued hold the same symmetric data-encryption key (Kr), which is the basis of trust for mutual authentication between HSM and IC card during key backup or recovery:

a. There are n keys in total: the HSM holds n Kr keys, namely Kr1, Kr2, ..., Krn, while the IC card holds only one key that encrypts and decrypts Kr (KKr).

b. Each batch of IC cards maps, by card number, to a particular Krj in the card management database. The corresponding KKr-encrypted Krj is fetched from the card management database and decrypted with the KKr in the card to yield Krj, which is identical to one of Kr1 to Krn in the HSM.

c. The n Kr keys are generated by the key recovery center, which writes them into the HSM using A/B key-share code sheets, encrypts the n Kr keys under KKr, and sends the result to the card management center for storage in the card management database.

(2) When card initialization begins, the card management center writes the Key Recovery Applet containing KKr into the IC card, and the key recovery center has already written the n Kr keys into its HSM using the A/B key-share code sheets. Each key corresponds to one batch of IC cards, and each batch of IC cards maps to its Kr by card number.

(3) The HSM of the key recovery center generates the encryption/decryption keys in advance, encrypts them under the key Kh that the HSM generates internally (this secrecy key is used exclusively to protect important data and exists only inside the HSM; it is denoted Kh), and exports the encrypted keys to the hard disk of the key recovery center so that they can later be written into IC cards in bulk.

Once the preparatory work is complete, key backup in the card issuance stage proceeds as follows:

(1) The key recovery center first inserts the authorized operator card into the HSM.

(2) It then inserts the SAM card that can compute the SO (Super Officer) PIN of the card to be written.

(3) After the PIN is verified, the previously prepared IC card (with KKr and the Key Recovery Applet already written) is placed in the card reader.

(4) The issuance-stage key backup protocol is run between the HSM and the IC card (Key Recovery Applet), writing the previously generated encryption/decryption key into the correct key container in the IC card.

(5) The encryption/decryption key encrypted under the HSM's Kh is then written to the shared database by the encryption program, for use in later key recovery.

Referring to Figure 3, the diagram of the secure communication protocol for key backup and recovery: to bridge the HSM and the IC card so that these two "passive" components can securely complete the key write, a protocol that withstands third parties must be designed. The technical description of the whole secure communication protocol for key backup and recovery is as follows:

(1) Protocol operation:

a. Initial state: the HSM and the IC card share a recovery key Kr known only to the two of them. Kr serves as the basis of authentication for the handshake and as the key for encrypting and decrypting data passed in secret. It is 192 bits long (definable as required), is held inside the HSM and inside the IC card respectively, and must not be stolen or tampered with. The encryption algorithm used by this protocol is the AES symmetric algorithm (other symmetric algorithms may also be used). In the figure, E(.) and D(.) denote encryption and decryption, the subscript of E(.) and D(.) denotes the key used, and "" denotes concatenating the data. In addition, every message between the two parties in this protocol is first sent to the intermediary program, which then relays it to the other party.

b. Round 1: the IC card uses a secure random number generator to produce a session key SK for this run, 192 bits long. It then encrypts SK with AES under the recovery key Kr, known only to itself and the other party, and sends it to the HSM.

c. Round 2: the HSM decrypts with AES under Kr to recover the session key SK. It then generates a temporary random value (a nonce) N1, encrypts N1 under the SK it has just recovered, and "sends" it to the IC card.

d. Round 3: the IC card uses the SK it generated earlier to decrypt the ESK(N1) sent by the HSM and recovers N1. It generates another temporary random value N2, appends N2 after N1, encrypts the whole under SK, and returns it to the HSM.

e. The HSM decrypts the message sent by the IC card in round 3 with SK and extracts the two values N1 and N2. It checks whether the extracted N1 equals the N1 generated in round 2. If N1 does not match, the protocol aborts. If it matches, the HSM concatenates the recovered N2 with the data to be sent, EData, encrypts the result under the session key SK, and sends it to the IC card. On receiving that message, the IC card decrypts it with SK, extracts N2 and EData, and checks whether the extracted N2 equals the N2 generated in round 3. If N2 does not match, the protocol aborts. If it matches, the source and correctness of EData are confirmed and the protocol completes.

(2) Security requirements the protocol achieves:

The main function of this protocol is to give the key recovery master program a secure handshake between an IC card and the HSM. Kr is the basis of mutual trust, the two sides agree on a single-use session key SK, and SK is used to keep the transferred data confidential.

(3) The security properties are:

a. Both the IC card and the HSM can confirm the correctness of the session key SK, and SK cannot be derived by any third party other than the IC card and the HSM.

b. The private data carried in the exchange cannot be derived by any third party other than the IC card and the HSM.

c. The master key used inside the HSM to encrypt key material cannot be derived by anyone other than the HSM.
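
The four-round exchange described in (1), written out as an added Go example; it is not code from the patent or its assignee. Assumptions: AES-192 in GCM mode with a random 12-byte IV (the description says only AES with a 192-bit key), 16-byte N1 and N2, "||" for concatenation, and the names Card, HSM, Round1 to Round4, Finish, seal and open; all keys and data are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// 192-bit Kr/SK per the description; GCM, 12-byte IV, 16-byte N1/N2 are assumptions.
const keyLen, nonceLen, ivLen = 24, 16, 12

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// seal is E_key(.): AES-GCM with a random IV prepended to the ciphertext.
func seal(key, pt []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(blk)
	iv := randBytes(ivLen)
	return g.Seal(iv, iv, pt, nil)
}

// open is D_key(.); nil means decryption or authentication failed.
func open(key, ct []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil || len(ct) < ivLen {
		return nil
	}
	g, _ := cipher.NewGCM(blk)
	pt, _ := g.Open(nil, ct[:ivLen], ct[ivLen:], nil)
	return pt
}

type Card struct{ kr, sk, n2 []byte }
type HSM struct{ kr, sk, n1 []byte }

// Round1, card -> HSM: E_Kr(SK) with a fresh session key SK.
func (c *Card) Round1() []byte {
	c.sk = randBytes(keyLen)
	return seal(c.kr, c.sk)
}

// Round2, HSM -> card: E_SK(N1). In every round a nil result means "abort".
func (h *HSM) Round2(m1 []byte) []byte {
	if h.sk = open(h.kr, m1); len(h.sk) != keyLen {
		return nil
	}
	h.n1 = randBytes(nonceLen)
	return seal(h.sk, h.n1)
}

// Round3, card -> HSM: E_SK(N1 || N2).
func (c *Card) Round3(m2 []byte) []byte {
	n1 := open(c.sk, m2)
	if len(n1) != nonceLen {
		return nil
	}
	c.n2 = randBytes(nonceLen)
	return seal(c.sk, append(n1, c.n2...))
}

// Round4: the HSM checks N1, then HSM -> card: E_SK(N2 || EData).
func (h *HSM) Round4(m3, eData []byte) []byte {
	pt := open(h.sk, m3)
	if len(pt) != 2*nonceLen || subtle.ConstantTimeCompare(pt[:nonceLen], h.n1) != 1 {
		return nil
	}
	return seal(h.sk, append(pt[nonceLen:], eData...))
}

// Finish: the card checks N2 and only then accepts EData.
func (c *Card) Finish(m4 []byte) (eData []byte, ok bool) {
	pt := open(c.sk, m4)
	if len(pt) < nonceLen || subtle.ConstantTimeCompare(pt[:nonceLen], c.n2) != 1 {
		return nil, false
	}
	return pt[nonceLen:], true
}

func main() {
	kr := randBytes(keyLen) // constructed Kr shared by both parties
	card, hsm := &Card{kr: kr}, &HSM{kr: kr}
	m1 := card.Round1()
	m3 := card.Round3(hsm.Round2(m1))
	got, ok := card.Finish(hsm.Round4(m3, []byte("constructed EData")))
	// Replay of the recorded m1, m3: the old SK still decrypts m3, only the N1 check aborts.
	replayAborted := hsm.Round2(m1) != nil && hsm.Round4(m3, nil) == nil
	fmt.Printf("delivered=%q ok=%v replayAborted=%v\n", got, ok, replayAborted)
}
```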

Referring to Figure 4, a detailed description of the complete end-to-end flow and steps of key backup and recovery: in order, it comprises the preparatory work (key pre-generation), the key backup card issuance operation and the key recovery operation, with the secure communication protocol for key backup and recovery tying the whole flow together. The complete key backup and recovery flow is as follows:

(1) Preparatory work (key pre-generation) 41:

a. The card management center (CMC) writes the key that encrypts the recovery protocol key (kkr) and the Key Recovery Applet into the IC card.

b. The key recovery center (KRC) encrypts the recovery protocol key (kr) under kkr and writes it to the card management database.

c. The key recovery center (KRC) writes the recovery protocol key (kr) into the hardware security module (HSM).

d. The HSM encrypts the encryption/decryption key that it generated in advance under its internally generated key (kh).

(2) Key backup card issuance operation 42:

a. Through the secure communication protocol for key backup and recovery, the encryption/decryption key generated in advance by the HSM (not encrypted under kh) is written into the IC card.

b. The encryption/decryption key generated in advance by the HSM (encrypted under kh) is written to the key recovery database.

c. The certificate is downloaded from the Certificate Management Center Repository (Repository) and written into the IC card.

(3) Key recovery operation 43:

a. The key recovery center (KRC) reads the encryption/decryption key generated in advance by the HSM (encrypted under kh) from the key recovery database.

b. Through the secure communication protocol for key backup and recovery, the encryption/decryption key generated in advance by the HSM (not encrypted under kh) is written into another IC card.

c. The certificate is downloaded from the Certificate Management Center Repository (Repository) and written into the other IC card, completing key recovery.

Compared with other conventional techniques, the secure key recovery method provided by the invention has the following advantages:

(1) The method separates out the traditional card management center: the card management center normally manages only the IC cards, while key setup and key management for the IC cards are handled by this secure key recovery method.

(2) The flows followed by the key backup and key recovery operations share one coherent lineage, so the system is easier to operate and maintain.

(3) The invention uses the IC card and the hardware security module (HSM) as secure operating strongholds, and the communication protocol used in transmission is also well designed for security, which effectively prevents internal and external man-in-the-middle attacks.

(4) The invention has an excellent secure procedure for system installation and initialization, for applying for key recovery, for producing and issuing the key recovery card, and for returning the key recovery card.

The detailed description above is a specific description of the invention, but it is not intended to limit the patent scope of the invention. Any equivalent implementation or change that does not depart from the spirit of the invention shall be included in the patent scope of this case.

In summary, this case is innovative in its control flow and improves on conventional approaches in the several respects above. It should fully meet the statutory requirements of novelty and inventive step for an invention patent. The application is filed in accordance with the law, and the Office is respectfully asked to approve this invention patent application, so as to encourage invention.

11‧‧‧Certificate Management Center Repository (Repository)

12‧‧‧Audit host (Audit)

13‧‧‧Card Management Center (CMC)

14‧‧‧Key Recovery Center (KRC)

15‧‧‧Key recovery database

21‧‧‧Key recovery center (key generation and recovery card writing)

22‧‧‧Data management center (shared DBMS)

23‧‧‧Card management center (Pre-perso)

41‧‧‧Preparatory work (key pre-generation)

42‧‧‧Key backup card issuance operation

43‧‧‧Key recovery operation

The technical content of the invention, its purpose and its effects can be further understood from the following detailed flow description and the accompanying drawings: Figure 1 is the overall relationship diagram of the secure key recovery system; Figure 2 is the key backup role relationship and flow diagram; Figure 3 is the diagram of the secure communication protocol for key backup and recovery; and Figure 4 is the flow diagram of key backup and recovery.


Claims (5)

1. A secure key recovery system, characterized in that it uses an IC card and a hardware security module (HSM) to support the establishment of a secure key recovery method, comprising: (a) a key recovery center, which performs key backup and recovery: it backs up the key at card issuance and, at key recovery, reviews the application and performs recovery card writing and printing; (b) a key recovery database, which stores the backed-up keys and the data related to key recovery; (c) a card management center, which provides the key recovery center with blank IC cards that have been initialized and have the encryption/decryption key KKr written into them, for key backup and recovery; (d) a certificate management center repository, which provides the key recovery center with certificate download, status query, download of key recovery application forms, and related announcements; (e) an audit host, which records the important data of key backup and key recovery operations and provides the related security audit queries.

2. A secure key recovery method, comprising: (a) key backup technology, being the operation of the key recovery center (key generation and recovery card writing), the data management center (shared DBMS) and the card management center: the HSM of the key recovery center and an IC card initialized by the card management center use the issuance-stage key backup protocol to write the encryption/decryption key generated in advance by the key recovery center into the IC card, the encrypted encryption/decryption key is also written to the key recovery database of the data management center as a backup, and the certificate is downloaded and written into the IC card; (b) key recovery technology, comprising the operation of the certificate management center repository, the card management center and the key recovery center: the HSM of the key recovery center and a recovery IC card initialized by the card management center use the secure communication protocol for key backup and recovery to write the encrypted encryption/decryption key backed up in the key recovery database into the recovery IC card, and the certificate is downloaded from the certificate management center repository and written into the IC card; and (c) the secure communication protocol for key backup and recovery, comprising the computation flow of the security protocol: first, the IC card uses the recovery protocol key to encrypt a randomly generated session key with the AES symmetric encryption algorithm (other symmetric encryption algorithms may also be used); then the HSM and the IC card use the randomly generated session key to encrypt a randomly generated random value or concatenated randomly generated random values; and only after both the sending and the receiving side have confirmed each other does the HSM encrypt the data to be sent under the randomly generated session key and send it to the IC card.

3. The secure key recovery method of claim 2, wherein the key backup technology comprises, in order: a. preparatory work before card issuance: (a) the HSM of the key recovery center and the card management center both hold the same recovery protocol key (kr), while the IC card holds only one key that encrypts the recovery protocol key (kkr), and each batch of IC cards maps to the card management database by card number; (b) at card initialization the card management center writes kkr and the Key Recovery Applet into the IC card; the recovery protocol key (kr) is generated by the key recovery center, which writes it into the HSM using A/B key-share code sheets, encrypts kr under kkr, and sends the data to the card management center for storage in the card management database; (c) the HSM of the key recovery center encrypts the encryption/decryption key generated in advance under the key (kh) that the HSM generates internally, and exports it to the hard disk of the key recovery center; b. key backup in the card issuance stage: (a) the key recovery center runs the issuance-stage key backup protocol between the HSM and the IC card (Key Recovery Applet), writing the previously generated encryption/decryption key into the correct key container in the IC card, and then writes the encryption/decryption key encrypted under the HSM's internally generated key (kh) to the shared database; (b) the key recovery center returns the IC card with the encryption key written to the card management center, which issues and writes the certificate.

4. The secure key recovery method of claim 2, wherein the computation steps of the secure communication protocol for key backup and recovery are, in order: a. the session key SK, produced from random numbers, is encrypted under the recovery key Kr known only to the card itself and the other party, and sent to the HSM; b. the HSM recovers the session key SK with the recovery key Kr, encrypts a temporarily generated random value (a nonce) N1 under SK, and "sends" it to the IC card; c. the IC card decrypts the information sent by the HSM with the SK it generated earlier and obtains N1, generates another temporary random value N2, concatenates N1 and N2, encrypts the concatenated data under SK, and returns it to the HSM; d. the HSM decrypts with SK, extracts the two values N1 and N2, and checks whether N1 equals the N1 it originally generated; if N1 does not match, the protocol aborts; if it matches, the HSM concatenates N2 with the data to be sent, EData, encrypts the concatenated data under SK and sends it to the IC card; the IC card decrypts with the SK it generated earlier, obtains N2 and EData, and checks whether N2 equals the N2 it originally generated; if N2 does not match, the protocol aborts; if it matches, the source and correctness of EData are confirmed and the protocol completes.

5. The secure key recovery method of claim 2, wherein the whole key backup and recovery flow is, in order: a. the card management center (CMC) writes the key that encrypts the recovery protocol key (kkr) and the Key Recovery Applet into the IC card; b. the key recovery center (KRC) encrypts the recovery protocol key (kr) under kkr and writes it to the card management database; c. the key recovery center (KRC) writes the recovery protocol key (kr) into the hardware security module (HSM); d. the HSM encrypts the encryption/decryption key that it generated in advance under its internally generated key (kh); e. through the secure communication protocol for key backup and recovery, the encryption/decryption key generated in advance by the HSM (not encrypted under kh) is written into the IC card; f. the encryption/decryption key generated in advance by the HSM (encrypted under kh) is written to the key recovery database; g. the certificate is downloaded from the Certificate Management Center Repository (Repository) and written into the IC card; h. the key recovery center (KRC) reads the encryption/decryption key generated in advance by the HSM (encrypted under kh) from the key recovery database; i. through the secure communication protocol for key backup and recovery, the encryption/decryption key generated in advance by the HSM (not encrypted under kh) is written into another IC card; and j. the certificate is downloaded from the Certificate Management Center Repository (Repository) and written into the other IC card, completing key recovery.
The Key Recovery Center (KRC) encrypts the key reply protocol key (kr) with the encryption key reply protocol key (kkr) and writes it to the card management database; The Key Recovery Center (KRC) writes the key recovery agreement key (kr) into the hardware security module (HSM); d. The hardware security module (HSM) internally generates the key (kh) Secure the encryption and decryption key of the hardware security module (HSM) in advance; e. Securely communicate the key to the hardware security module (HSM) through the secure key agreement of the key backup and reply (not Kh encryption) is written into the IC card; f. The hardware security module (HSM) generates the encryption and decryption key (encrypted in kh) into the key reply database; g. from the credential management center repository ( Repository) downloads and writes the voucher to the IC card; h. Key Recovery Center (KRC) reads the hardware security module (HSM) from the key reply database to generate The decrypted key (encrypted in kh); i. The secure communication protocol for key backup and reply by the key security module (HSM) to generate the encryption and decryption key (not encrypted in kh) to write another IC In the card; and j. Download and write the voucher from the voucher management center repository to another IC card to complete the key reply.
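The four-message exchange of protocol steps a to d claimed above, as an added Python sketch that is not code from the patent. An HMAC-SHA256 keystream stands in for AES so the example runs on the standard library alone; the 16-byte nonce size, the class and function names, and the sample EData are assumptions.

```python
import hashlib, hmac, secrets

NONCE_LEN = 16  # assumed nonce size; the page does not fix one
class ProtocolAbort(Exception): pass  # raised where the claim says "aborted"

def _xor_stream(key, iv, data):
    # Stand-in cipher (NOT AES): HMAC-SHA256 in counter mode as a keystream.
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def enc(key, plaintext):
    iv = secrets.token_bytes(16)
    return iv + _xor_stream(key, iv, plaintext)
def dec(key, ciphertext):
    return _xor_stream(key, ciphertext[:16], ciphertext[16:])

class Card:
    def __init__(self, kr): self.kr = kr
    def step_a(self):                      # a: E_Kr(SK)
        self.sk = secrets.token_bytes(32)
        return enc(self.kr, self.sk)
    def step_c(self, msg_b):               # c: E_SK(N1 || N2)
        n1 = dec(self.sk, msg_b)
        self.n2 = secrets.token_bytes(NONCE_LEN)
        return enc(self.sk, n1 + self.n2)
    def receive(self, msg_d):              # end of d: check N2, accept EData
        pt = dec(self.sk, msg_d)
        if not hmac.compare_digest(pt[:NONCE_LEN], self.n2):
            raise ProtocolAbort("N2 mismatch")
        return pt[NONCE_LEN:]

class Hsm:
    def __init__(self, kr): self.kr = kr
    def step_b(self, msg_a):               # b: recover SK, send E_SK(N1)
        self.sk = dec(self.kr, msg_a)
        self.n1 = secrets.token_bytes(NONCE_LEN)
        return enc(self.sk, self.n1)
    def step_d(self, msg_c, edata):        # d: check N1, send E_SK(N2 || EData)
        pt = dec(self.sk, msg_c)
        if len(pt) != 2 * NONCE_LEN or not hmac.compare_digest(pt[:NONCE_LEN], self.n1):
            raise ProtocolAbort("N1 mismatch")
        return enc(self.sk, pt[NONCE_LEN:] + edata)

def run(card, hsm, edata):
    """Run steps a-d and return the EData the card accepts."""
    msg_c = card.step_c(hsm.step_b(card.step_a()))
    return card.receive(hsm.step_d(msg_c, edata))
```

The N1 check is what makes the HSM reject a card holding a different Kr, and also a recorded step-a/step-c pair replayed into a new session, because the HSM draws a fresh N1 each time.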
TW99133952A 2010-10-06 2010-10-06 Secure key recovery system and method TWI430643B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW99133952A TWI430643B (en) 2010-10-06 2010-10-06 Secure key recovery system and method

Publications (2)

Publication Number Publication Date
TW201216663A TW201216663A (en) 2012-04-16
TWI430643B true TWI430643B (en) 2014-03-11

Family

ID=46787283

Family Applications (1)

Application Number Title Priority Date Filing Date
TW99133952A TWI430643B (en) 2010-10-06 2010-10-06 Secure key recovery system and method

Country Status (1)

Country Link
TW (1) TWI430643B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI606363B (en) * 2016-11-07 2017-11-21 Chunghwa Telecom Co Ltd Key share system and method
TWI669628B (en) * 2018-07-17 2019-08-21 關楗股份有限公司 Token device for conducting cryptography key backup or restoration operation

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI578189B (en) * 2015-04-07 2017-04-11 Chunghwa Telecom Co Ltd A virtual disk management system using a secure encryption device

Also Published As

Publication number Publication date
TW201216663A (en) 2012-04-16

Similar Documents

Publication Publication Date Title
US10439811B2 (en) Method for securing a private key on a mobile device
CN111971929B (en) Secure distributed key management system
CN106548345B (en) Method and system for realizing block chain private key protection based on key partitioning
CN107959567B (en) Data storage method, data acquisition method, device and system
CN106789052B (en) Remote key issuing system based on quantum communication network and use method thereof
TW201733302A (en) Blockchain-based system combined with secure multi-party anti-lost storage and encryption key transfer in wallet management system
CN106330868A (en) Encrypted storage key management system and method of high-speed network
US20220407691A1 (en) Data protection and recovery systems and methods
US8806206B2 (en) Cooperation method and system of hardware secure units, and application device
CN106897879A (en) Block chain encryption method based on the PKI CLC close algorithms of isomerization polymerization label
CN103580855A (en) Usbkey management plan based on sharing technology
CN108537537A (en) A kind of safe and reliable digital cash Wallet System
BE1024812A9 (en) A SECURITY APPROACH FOR THE STORAGE OF CREDENTIALS FOR OFFLINE USE AND AGAINST COPY PROTECTED CLEAN CONTENT IN DEVICES
CN111242611A (en) Method and system for recovering digital wallet key
US12217251B2 (en) System and method for the protection of consumer financial data utilizing dynamic content shredding
CN116232639A (en) Data transmission method, device, computer equipment and storage medium
TWI476629B (en) Data security and security systems and methods
WO2025148510A1 (en) Authentication method based on dual quantum random number protection, client, and system
CN107733936A (en) A kind of encryption method of mobile data
CN116827653B (en) Data encryption and authorization management method based on Hyperledger Fabric alliance chain
TWI430643B (en) Secure key recovery system and method
US10764260B2 (en) Distributed processing of a product on the basis of centrally encrypted stored data
CN116340331A (en) A method and system for depositing certificates of large-scale instrument experiment results based on blockchain
CN103916237A (en) Method and system for managing user encrypted-key retrieval
CN106953917B (en) Method of data synchronization and system

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees