
TWI787974B - Method and system for generating dynamic key - Google Patents


Info

Publication number: TWI787974B
Authority: TW (Taiwan)
Prior art keywords: key, server, client, key generation, agreement
Application number: TW110131571A
Other languages: Chinese (zh)
Other versions: TW202222052A (en)
Inventors: 湯之雄, 沈璽, 孔麗, 張怡, 肖彥均
Original assignee: 中國銀聯股份有限公司 (China UnionPay Co., Ltd.)
Events
  • Application filed by 中國銀聯股份有限公司
  • Publication of TW202222052A
  • Application granted
  • Publication of TWI787974B

Classifications

    • H: Electricity
      • H04: Electric communication technique
        • H04L: Transmission of digital information, e.g. telegraphic communication
          • H04L 9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols
            • H04L 9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
              • H04L 9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
                • H04L 9/0869: Generation of secret information involving random numbers or seeds
              • H04L 9/0891: Revocation or update of secret information, e.g. encryption key update or rekeying


Abstract

This invention provides a method and system for generating a dynamic key. The method includes: when a preset risk event is detected, dynamically updating the first key generation protocol currently held by a server according to the risk level of that event, so as to obtain a second key generation protocol; and the server sending the dynamically updated second key generation protocol to the clients, so that the clients can exchange keys with the server on the basis of the second key generation protocol. The method raises the cost for an attacker of breaking the protocol and improves the security of the key.

Description

Dynamic key generation method and system

The invention belongs to the field of encrypted communication and in particular relates to a dynamic key generation method and system.

This section is intended to provide background or context for the embodiments of the invention recited in the claims. Nothing described here is admitted to be prior art merely by its inclusion in this section.

With the development of the mobile Internet, applications have grown explosively. At the same time the Internet black and gray industry has emerged and grown alongside them, reaching a scale of 100 billion yuan. This industry obtains the request interfaces and parameters of the communication between client and server by packet capture and reverse analysis, and directly forges the interface protocol and parameters to automate operations, so the secure communication between client and server is challenged.

In traditional technology, to meet communication security requirements, application software on the market generally adopts the handshake scheme of the open-source protocol TLS (Transport Layer Security). The TLS handshake helps the client and the server select the encryption algorithm, MAC algorithm and related keys used for the connection; the two parties complete these matters with the handshake protocol before transmitting application data.

However, in the TLS handshake scheme described above the client must be preloaded with a number of public encryption algorithms and hash functions, so the client-side key generation algorithm is fixed. An attacker can obtain these fixed key generation algorithms by reverse engineering the client logic and thereby break the encrypted communication between client and server, which harms communication security.

To address the above problems in the prior art, a dynamic key generation method and system are proposed; with them, the above problems can be solved.

The present invention provides the following solutions.

In a first aspect, a dynamic key generation method is provided, comprising: when a preset risk event is detected, dynamically updating the first key generation protocol currently held by the server according to the risk level of the preset risk event, so as to obtain a second key generation protocol; and the server sending the dynamically updated second key generation protocol to the client, so that the client exchanges keys with the server on the basis of the second key generation protocol.

In some embodiments, the server sending the dynamically updated second key generation protocol to the client further comprises: the server receives a key exchange request sent by the client, the request carrying the version number of the key generation protocol the client currently holds; when the server finds that the version number carried in the key exchange request differs from the version number of the second key generation protocol, the server sends the dynamically updated second key generation protocol to the client.

In some embodiments, the server dynamically updating the currently held first key generation protocol according to the risk level of the preset risk event further comprises:

when a preset risk event is detected, the server invalidates the currently held first key generation protocol and generates a second key generation protocol whose security level corresponds to the risk level of the preset risk event;

wherein the second key generation protocol comprises a preset key operator layer and a protocol body; the protocol body comprises protocol logic and protocol data; the protocol logic indicates the composition rule of the one or more target key operators used by the second key generation protocol, and the protocol data indicates the operator parameters of the one or more target key operators.

In some embodiments, the key operator layer contains multiple key operators and is preset on both the server and the client, and the key operators in the layer are divided in advance into multiple security grades; the security level of the second key generation protocol is determined by the security grades of the one or more target key operators it uses.

In some embodiments, the key operator layer contains one or more key operators that use a secure encryption algorithm, and/or one or more key operators that use a custom transformation algorithm, and/or one or more key operators that use a digest algorithm.

In some embodiments, the method further comprises protecting the operator parameters with white-box cryptography.

In some embodiments, the preset risk events include at least a first, a second and a third preset risk event of differing risk levels: the first preset risk event indicates that the proportion of untrusted clients connected to the server exceeds a preset threshold; the second indicates receipt of an externally issued protocol update instruction; the third indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.

In some embodiments, the server is connected to multiple clients and the key exchange request sent by a client also carries device fingerprint information; the method further comprises: the server collects the device fingerprint information sent by each client, judges from it whether each client is an untrusted client, and periodically judges whether the proportion of untrusted clients connected to the server exceeds the preset threshold; if it does, the first preset risk event is detected.

In some embodiments, the preset risk events further include a fourth preset risk event whose risk level is higher than that of the first; the fourth preset risk event indicates that the server has repeatedly detected the first preset risk event multiple times.

In some embodiments, the server sending the dynamically updated second key generation protocol to the client further comprises: the server sends the version number of the second key generation protocol to the client; the client initiates a protocol update request to the server carrying that version number; the server sends the protocol logic and protocol data of the second key generation protocol to the client; and the client instantiates the second key generation protocol from the preset key operator layer, the protocol logic and the protocol data, and initiates a new key exchange request to the server on the basis of the second key generation protocol.

In some embodiments, the server delivers the protocol logic of the second key generation protocol to the client by hot update.

In some embodiments, the client exchanging keys with the server on the basis of the second key generation protocol further comprises: the client sends a key exchange request to the server carrying the version number of the second key generation protocol the client currently holds; when the server finds that this version number matches the version number of the second key generation protocol it currently holds, it generates a server random number and sends it to the client; the client generates a pre-master key from the server random number and sends the pre-master key to the server; the client and the server each generate a working key from the second key generation protocol, the pre-master key, the client random number and the server random number; and the client and the server carry out encrypted communication by exchanging the working keys each has generated.

In some embodiments, the method further comprises: after generating the pre-master key from the server random number, the client encrypts the pre-master key with the public key delivered by the server and sends the encrypted pre-master key to the server; the server decrypts it with its private key to obtain the pre-master key.

In a second aspect, a dynamic key generation system is provided. The system comprises a server and a client. The server is configured to: when a preset risk event is detected, dynamically update the first key generation protocol it currently holds according to the risk level of the preset risk event, so as to obtain a second key generation protocol, and send the dynamically updated second key generation protocol to the client. The client is configured to exchange keys with the server on the basis of the second key generation protocol.

In some embodiments, the server is further configured to: receive a key exchange request sent by the client, the request carrying the version number of the key generation protocol the client currently holds; and, when it finds that the version number carried in the key exchange request differs from the version number of the second key generation protocol, send the dynamically updated second key generation protocol to the client.

In some embodiments, the server is further configured to: when a preset risk event is detected, invalidate the currently held first key generation protocol and generate a second key generation protocol whose security level corresponds to the risk level of the preset risk event; wherein the second key generation protocol comprises a preset key operator layer and a protocol body, the protocol body comprises protocol logic and protocol data, the protocol logic indicates the composition rule of the one or more target key operators used by the second key generation protocol, and the protocol data indicates the operator parameters of those target key operators.

In some embodiments, the key operator layer contains multiple key operators and is preset on both the server and the client, and the key operators in the layer are divided in advance into multiple security grades; the security level of the second key generation protocol is determined by the security grades of the one or more target key operators it uses.

In some embodiments, the key operator layer contains one or more key operators that use a secure encryption algorithm, and/or one or more key operators that use a custom transformation algorithm, and/or one or more key operators that use a digest algorithm.

In some embodiments, the system is further configured to protect the operator parameters with white-box cryptography.

In some embodiments, the preset risk events include at least a first, a second and a third preset risk event of differing risk levels: the first preset risk event indicates that the proportion of untrusted clients connected to the server exceeds a preset threshold; the second indicates receipt of an externally issued protocol update instruction; the third indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.

In some embodiments, the server is connected to multiple clients and the key exchange request sent by a client also carries device fingerprint information; the server is further configured to: collect the device fingerprint information sent by each client, judge from it whether each client is an untrusted client, and periodically judge whether the proportion of untrusted clients connected to the server exceeds the preset threshold; if it does, the first preset risk event is detected.

In some embodiments, the preset risk events further include a fourth preset risk event whose risk level is higher than that of the first; the fourth preset risk event indicates that the server has repeatedly detected the first preset risk event multiple times.

In some embodiments, the server is further configured to: when it finds that the version number carried in the key exchange request differs from the version number of the second key generation protocol, send the version number of the second key generation protocol to the client; the client is further configured to: initiate a protocol update request to the server carrying the version number of the second key generation protocol; the server is further configured to: send the protocol logic and protocol data of the second key generation protocol to the client; and the client is further configured to: instantiate the second key generation protocol from the preset key operator layer, the protocol logic and the protocol data, and initiate a new key exchange request to the server on the basis of the second key generation protocol.

In some embodiments, the server delivers the protocol logic of the second key generation protocol to the client by hot update.

In some embodiments, the client is further configured to: after the dynamic update based on the second key generation protocol, send a key exchange request to the server carrying the version number of the second key generation protocol the client currently holds; the server is further configured to: when it finds that this version number matches the version number of the second key generation protocol it currently holds, generate a server random number and send it to the client; the client is further configured to: generate a pre-master key from the server random number and send it to the server; and the client and the server are further configured to: each generate a working key from the second key generation protocol, the pre-master key, the client random number and the server random number, and carry out encrypted communication by exchanging the working keys each has generated.

In some embodiments, the client is further configured to: after generating the pre-master key from the server random number, encrypt it with the public key delivered by the server and send the encrypted pre-master key to the server; and the server is further configured to: decrypt the encrypted pre-master key with its private key to obtain the pre-master key.

At least one of the technical solutions adopted in the embodiments of this application can achieve the following beneficial effect: in this embodiment the server can dynamically update the key generation protocol it holds on the basis of a preset risk control mechanism and deliver it to the client, and the client exchanges keys with the server according to that dynamically updated key generation protocol, which raises the cost for an attacker of breaking the protocol and improves key security.

It should be understood that the above is only an overview of the technical solution of the present invention, given so that the technical means of the invention can be understood more clearly and implemented according to the contents of the description. To make the above and other objects, features and advantages of the present invention more apparent, specific embodiments of the invention are illustrated below.

Exemplary embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although the drawings show exemplary embodiments, it should be understood that the disclosure may be implemented in various forms and should not be limited by the embodiments set forth here; rather, these embodiments are provided so that the disclosure is understood more thoroughly and its scope is fully conveyed to those skilled in the art.

In the present invention, terms such as "comprising" or "having" are intended to indicate the presence of the features, numbers, steps, acts, components, parts or combinations thereof disclosed in the specification, and do not exclude the possible presence of one or more other features, numbers, steps, acts, components, parts or combinations thereof.

It should also be noted that, where there is no conflict, the embodiments of the present invention and the features within them may be combined with one another. The present invention is described in detail below with reference to the drawings and in conjunction with the embodiments.

In view of the shortcomings of the existing technical solutions, an embodiment of the present invention proposes a dynamic key generation method. The inventive concept of the method is introduced first.

The server monitors the risk situation in its environment. When it detects a preset risk event, it dynamically updates the first key generation protocol it currently holds according to the risk level of that event and obtains a second key generation protocol. It then delivers the dynamically updated second key generation protocol to the client so that the client exchanges keys with the server on the basis of the second protocol. In other words, the server can dynamically update the key generation protocol it holds on the basis of a preset risk control mechanism and deliver it to the client; client and server then exchange data on the basis of the dynamically updated protocol, which raises the cost for an attacker of breaking the protocol and improves communication security.

Those skilled in the art will understand that the described application scenario is only one example in which embodiments of the present invention can be implemented; the scope of application of the embodiments is not limited in any way. Having introduced the basic principles of the invention, various non-limiting embodiments are described in detail below.

FIG. 1 is a schematic flowchart of a dynamic key generation method 100 according to an embodiment of the present application.

As shown in FIG. 1, the method 100 may include step 101 and step 102.

Step 101: when a preset risk event is detected, the server dynamically updates the currently held first key generation protocol according to the risk level of the preset risk event, obtaining a second key generation protocol.

Here a preset risk event is an event that may put at risk the security of the key generation protocol currently held by the server and the client. For example, a preset risk event may be that a client connected to the server is untrusted, or that the working time of the currently held key generation protocol has exceeded a safe-duration threshold, and so on.

In one possible embodiment, in step 101 the server dynamically updating the currently held first key generation protocol according to the risk level of the preset risk event may further comprise: when a preset risk event is detected, the server invalidates the currently held first key generation protocol and generates a second key generation protocol whose security level corresponds to the risk level of the preset risk event.

It can be understood that, using risk-assessment factors such as prior experience and historical statistics, the various types of preset risk event can be divided into several levels by risk degree. For example, when a detected preset risk event indicates that the currently held key generation protocol has been compromised, it may be treated as a level-one risk event; when another detected preset risk event indicates that the currently held protocol may be at risk of compromise, it may be treated as a level-two risk event; and when a detected preset risk event indicates that the working time of the currently held protocol has exceeded the safe-duration threshold, it may be treated as a level-three risk event, and so on. On this basis a second key generation protocol whose security level corresponds to the risk degree can be generated, which continuously raises the cost for an attacker of breaking the key generation protocol.

Here the second key generation protocol comprises a preset key operator layer and a protocol body; the protocol body comprises protocol logic and protocol data; the protocol logic indicates the composition rule of the one or more target key operators used by the second key generation protocol, and the protocol data indicates the operator parameters of the one or more target key operators.

Specifically, a key operator layer containing multiple kinds of key operators is preset on both the server and the client. Optionally, the layer contains one or more key operators using a secure encryption algorithm such as AES or SM4, and/or one or more key operators using a custom transformation algorithm such as matrix multiplication or big-number modular reduction, and/or one or more key operators using a digest algorithm such as SHA256 or SM3.

For example, FIG. 2 shows an example of a key generation protocol comprising a preset key operator layer and a dynamically generated protocol body. The preset key operator layer contains key operators such as an AES transformation operator, a matrix transformation operator and a SHA transformation operator. The dynamically generated protocol body comprises a logic area and a data area. The logic area holds the protocol logic, which indicates the composition rule and order of the target key operators used by the key generation protocol; this part can be delivered to the client by hot update. The data area holds the operator parameters of the key operators at each grade of the key operator layer. Optionally, the operator parameters of some key operators may be white-box data while those of others may be plaintext parameters.

在一種可能的實施方式中,金鑰運算元層包含多個金鑰運算元且同時預置於服務端和用戶端,並且金鑰運算元層中包含的多個金鑰運算元預先被劃分為多個安全等級;以及,第二金鑰生成協議的安全級別由採用的一個或多個目標金鑰運算元的安全等級確定。In a possible implementation manner, the key operand layer contains multiple key operands and is preset at the server and the user end at the same time, and the multiple key operands contained in the key operand layer are pre-divided into a plurality of security levels; and, the security level of the second key generation protocol is determined by the security level of the one or more target key operands employed.

For example, the multiple key operators in the key operator layer can be divided into first-level, second-level and third-level operators according to the transformation security of each key operator. A first-level operator represents an operator with the highest security level; it accepts a key factor and operator parameters as input and uses a secure encryption algorithm such as AES or SM4 to protect the security of the transformation result. A second-level operator represents an operator whose security level is second only to the first level; it accepts a key factor and operator parameters as input and uses a custom transformation algorithm such as a matrix multiplication algorithm or a large-number modular reduction algorithm to protect the security of the transformation result. Compared with a first-level operator, a second-level operator has a simpler algorithm and places lower performance demands on the client. Optionally, white-box technology can be used to protect the operator parameters of first-level and second-level operators. A third-level operator represents an operator with a weaker security level; it accepts a key factor and operator parameters as input and can use an existing digest algorithm to protect the security of the transformation result, where the operator parameter of the digest algorithm is its salt, and the digest algorithm may be, for example, SHA256 or SM3. The third-level operator algorithm is simpler still than the first- and second-level ones and places even lower performance demands on the client. On this basis, it can be understood that when the second key generation protocol adopts a first-level operator as the target key operator, it has a higher security level than when a second-level operator is adopted; and when the second key generation protocol adopts a combination of first- and second-level operators as target key operators, it has a higher security level than when a first-level operator is adopted alone. Therefore, the security level of the second key generation protocol can be determined by the security levels of the one or more target key operators adopted, and a second key generation protocol of the corresponding security level can be generated according to the risk degree of the detected preset risk event.

In a possible implementation, the method further includes: using white-box encryption technology to protect the security of the operator parameters.

For example, referring to Fig. 2, the operator parameters of the AES transform operator and the matrix transform operator therein are stored in the form of white-box data.

In a possible implementation, the preset risk events include at least a first preset risk event, a second preset risk event and a third preset risk event with different risk degrees. The first preset risk event may indicate that the proportion of untrusted clients connected to the server exceeds a preset threshold; the second preset risk event indicates receipt of a protocol update instruction sent from outside; the third preset risk event indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.

For example, referring to Fig. 3, a risk control module may be provided on the server, and the risk control module is provided with multiple risk driving units, such as a first risk driving unit, a second risk driving unit and a third risk driving unit. On this basis, for example, when the first risk driving unit detects that the first preset risk event has occurred, that is, that the proportion of untrusted clients connected to the server exceeds the preset threshold, it drives a forced update of the first key generation protocol currently held by the server, and the dynamically updated second key generation protocol can be composed of an AES operator (first-level operator), a matrix transform operator (second-level operator) and a SHA transform operator (third-level operator) in combination. Optionally, if the first risk driving unit detects that the first preset risk event occurs repeatedly, the updated second key generation protocol may contain an increased number of AES transform operators. As another example, before the business side needs to launch a service with higher security requirements, it sends a protocol update instruction to the server (that is, the second preset risk event occurs); the second risk driving unit detects the occurrence of the second preset risk event and drives a forced update of the first key generation protocol currently held by the server, and the dynamically updated second key generation protocol can be composed of a matrix transform operator (second-level operator) and a SHA transform operator (third-level operator) in combination. As yet another example, when the working time of the first key generation protocol exceeds the preset safe duration (that is, the third preset risk event occurs), the third risk driving unit detects the third preset risk event and drives a forced update of the first key generation protocol currently held by the server, and the dynamically updated second key generation protocol can be composed of a SHA transform operator (third-level operator). It can be seen that the risk degrees of the first, second and third preset risk events decrease in turn, and the security level of the second key generation protocol generated after the dynamic update decreases correspondingly.

In a possible implementation, the server is connected to multiple clients, and the key exchange request sent by a client further includes device fingerprint information; the method further includes: the server collects the device fingerprint information sent by each client, judges from the device fingerprint information whether each client is an untrusted client, and periodically judges whether the proportion of untrusted clients connected to the server exceeds a preset threshold, where if it exceeds the preset threshold, the first preset risk event is detected.

In a possible implementation, the preset risk events further include a fourth preset risk event whose risk degree is greater than that of the first preset risk event, where the fourth preset risk event indicates that the server has detected the first preset risk event repeatedly. For example, when the first preset risk event is detected to have occurred repeatedly, a forced update of the first key generation protocol currently held by the server is driven, and the dynamically updated second key generation protocol can be composed of multiple AES operators (first-level operators), a matrix transform operator (second-level operator) and a SHA transform operator (third-level operator) in combination, thereby having a higher security level.

Step 102: the server delivers the dynamically updated second key generation protocol to the client, so that the client performs key exchange with the server based on the second key generation protocol.

In a possible implementation, the server delivering the dynamically updated second key generation protocol to the client in step 102 further includes: the server receives a key exchange request sent by the client, the key exchange request including the version number of the key generation protocol currently held by the client; when the server judges that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, the server delivers the dynamically updated second key generation protocol to the client.

Conversely, when the server judges that the version number carried in the key exchange request sent by the client is consistent with the version number of the second key generation protocol, the key generation protocols of the client and the server are consistent, and the server does not need to deliver the second key generation protocol it holds to the client.

In a possible implementation, the server delivering the dynamically updated second key generation protocol to the client may further include: the server delivers the version number of the second key generation protocol to the client; the client initiates a protocol update request to the server, the protocol update request carrying the version number of the second key generation protocol; the server delivers the protocol logic and protocol data corresponding to the second key generation protocol to the client; the client instantiates the second key generation protocol from the preset key operator layer, the protocol logic and the protocol data, and initiates a key exchange request to the server again based on the second key generation protocol.

In a possible implementation, the server delivers the protocol logic of the second key generation protocol to the client by hot update.

For example, referring to Fig. 3, the protocol logic delivered by the server to the client is a hot-update JS file; after receiving the hot-update JS file, the client converts it into a hot-update module and further combines it with the received protocol data and the preset key operator layer to generate the updated second key generation protocol.

Fig. 4 is a schematic flow chart of updating, in turn, the key generation protocols held by the server and the client. Referring to Fig. 3, all communication between the client and the server shown in Fig. 4 is carried out through the secure communication module in Fig. 3.

S41: the server sets the currently held first key generation protocol to an invalid state, and at the same time generates a second key generation protocol, a hot-update patch and a white-box jump table.

S42: the client generates a client random number. S41 may take place before or after S42; this application does not specifically limit this.

S43: the client initiates a key exchange request to the server, the key exchange request including: the version number of the key generation protocol currently held by the client, the client random number and device fingerprint information.

S44: the server receives the key exchange request, judges that the version number carried in the key exchange request has expired, and terminates the current key exchange request.

S45: the server delivers the version number of the dynamically updated second key generation protocol it holds, together with a certificate, to the client.

S46: the client verifies the received certificate.

S47: after the certificate verification passes, the client initiates a protocol update request to the server; the protocol update request carries the version number of the second key generation protocol and is used to request the hot-update file and the white-box jump table.

S48: according to the version number sent by the client, the server delivers the hot-update js file corresponding to the second key generation protocol (for example, through the protocol logic module) and the operator parameters (for example, through the protocol data module).

S49: after receiving the hot-update js file and the operator parameters, the client performs the hot update based on the preset key operator layer, and stores the version number of the second key generation protocol, the hot-update file and the white-box jump table.

S50: the client and the server perform key exchange based on the second key generation protocol they now both hold.

In a possible implementation, the client performing key exchange with the server based on the second key generation protocol further includes: the client sends a key exchange request to the server, the key exchange request including the version number of the second key generation protocol currently held by the client; when the server detects that the version number carried in the key exchange request is consistent with the version number of the second key generation protocol it currently holds, it generates a server random number and sends the server random number to the client; the client generates a pre-master key according to the server random number and sends the pre-master key to the server; the client and the server each generate a working key using the second key generation protocol, the pre-master key, the client random number and the server random number; and the client and the server carry out encrypted communication by exchanging the working keys each has generated.

In a possible implementation, the method further includes: after generating the pre-master key according to the server random number, the client encrypts the pre-master key with the public key delivered by the server and sends the encrypted pre-master key to the server; the server decrypts the encrypted pre-master key with its private key to obtain the decrypted pre-master key.

For example, once the client and the server both hold the dynamically updated second key generation protocol, the server and the client each generate the final working key (Skey) based on that second key generation protocol. The specific key generation process is shown in Fig. 5 and includes:

S51: the client generates a client random number (cliRand).

S52: the client initiates a key exchange request to the server, sending the client random number, the protocol version number and device information.

S53: after receiving the client's request information, the server judges that the protocol version number is the latest version number and generates a server random number (srvRand).

S54: the server delivers the server random number (srvRand), the version number of the second key generation protocol and a certificate to the client.

S55: after receiving the server random number, the client verifies the certificate.

S56: after the certificate verification passes, the client generates a pre-master key (premasterKey) and encrypts it with the public key delivered by the server.

S57: the client sends the encrypted pre-master key to the server.

S58: the client uses the second key generation protocol it currently holds to generate the working key from the pre-master key, the server random number and the client random number. S57 may be performed before or after S58; this application does not specifically limit this.

S59: after receiving the encrypted pre-master key, the server decrypts it with its private key and uses the second key generation protocol it currently holds to generate the working key from the pre-master key, the server random number and the client random number.

S60: the client and the server now both hold the working key, and subsequent business messages can be communicated under key encryption.

Referring to Fig. 3, before S60, all of the above communication between the client and the server is carried out through the secure communication modules of the client and the server, where the key factors include the pre-master key, the server random number and the client random number. After S60, business messages are encrypted by the business message encryption modules of the client and the server and then communicated under key encryption.

Based on the same technical concept, an embodiment of the present invention further provides a dynamic key generation system for executing the dynamic key generation method provided by any of the above embodiments. Fig. 6 is a schematic structural diagram of a dynamic key generation system provided by an embodiment of the present invention.

As shown in Fig. 6, the system 600 includes a server 601 and a client 602. The server is configured to: when a preset risk event is detected, dynamically update the first key generation protocol currently held by the server based on the risk degree of the preset risk event to obtain a second key generation protocol; and deliver the dynamically updated second key generation protocol to the client. The client is configured to perform key exchange with the server based on the second key generation protocol.

In some implementations, the server is further configured to: receive a key exchange request sent by the client, the key exchange request including the version number of the key generation protocol currently held by the client; and, when it detects that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, deliver the dynamically updated second key generation protocol to the client.

In some implementations, the server is further configured to: when a preset risk event is detected, invalidate the currently held first key generation protocol and generate a second key generation protocol of the security level corresponding to the risk degree of the preset risk event; where the second key generation protocol includes a preset key operator layer and a protocol body, the protocol body includes protocol logic and protocol data, the protocol logic indicates the composition rules of the one or more target key operators adopted by the second key generation protocol, and the protocol data indicates the operator parameters of the one or more target key operators.

In some implementations, the key operator layer contains multiple key operators and is preset on the server and the client, and the multiple key operators contained in the key operator layer are divided in advance into multiple security levels; and the security level of the second key generation protocol is determined by the security levels of the one or more target key operators adopted.

In some implementations, the key operator layer contains: one or more key operators using a secure encryption algorithm, and/or one or more key operators using a custom transformation algorithm, and/or one or more key operators using a digest algorithm.

In some implementations, the system is further configured to use white-box encryption technology to protect the security of the operator parameters.

In some implementations, the preset risk events include at least a first preset risk event, a second preset risk event and a third preset risk event with different risk degrees; where the first preset risk event indicates that the proportion of untrusted clients connected to the server exceeds a preset threshold, the second preset risk event indicates receipt of a protocol update instruction sent from outside, and the third preset risk event indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.

In some implementations, the server is connected to multiple clients, and the key exchange request sent by a client further includes device fingerprint information; the server is further configured to: collect the device fingerprint information sent by each client, judge from the device fingerprint information whether each client is an untrusted client, and periodically judge whether the proportion of untrusted clients connected to the server exceeds a preset threshold, where if it exceeds the preset threshold, the first preset risk event is detected.

In some implementations, the preset risk events further include a fourth preset risk event whose risk degree is greater than that of the first preset risk event; where the fourth preset risk event indicates that the server has repeatedly detected the first preset risk event multiple times.

In some implementations, the server is further configured to: when it detects that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, deliver the version number of the second key generation protocol to the client; the client is further configured to: initiate a protocol update request to the server, the protocol update request carrying the version number of the second key generation protocol; the server is further configured to: deliver the protocol logic and protocol data of the second key generation protocol to the client; and the client is further configured to: instantiate the second key generation protocol from the preset key operator layer, the protocol logic and the protocol data, and initiate a key exchange request to the server again based on the second key generation protocol.

In some implementations, the server delivers the protocol logic of the second key generation protocol to the client by hot update.

In some implementations, the client is further configured to: after the dynamic update based on the second key generation protocol, send a key exchange request to the server, the key exchange request including the version number of the second key generation protocol currently held by the client; the server is further configured to: when it detects that the version number carried in the key exchange request is consistent with the version number of the second key generation protocol it currently holds, generate a server random number and send the server random number to the client; the client is further configured to: generate a pre-master key according to the server random number and send the pre-master key to the server; and the client and the server are further configured to: each generate a working key using the second key generation protocol, the pre-master key, the client random number and the server random number, and carry out encrypted communication by exchanging the working keys each has generated.

In some implementations, the client is further configured to: after generating the pre-master key according to the server random number, encrypt the pre-master key with the public key delivered by the server and send the encrypted pre-master key to the server; the server is further configured to: decrypt the encrypted pre-master key with its private key to obtain the decrypted pre-master key.

It should be noted that the system in the embodiments of the present application can implement each process of the foregoing method embodiments and achieve the same effects and functions, which will not be repeated here.

本領域內的技術人員應明白,本發明的實施例可提供為方法、系統或電腦程式產品。因此,本發明可採用完全硬體實施例、完全軟體實施例、或結合軟體和硬體方面的實施例的形式。而且,本發明可採用在一個或多個其中包含有電腦可用程式碼的電腦可用存儲介質(包括但不限於磁碟記憶體、CD-ROM、光學記憶體等)上實施的電腦程式產品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, systems or computer program products. Accordingly, the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk memory, CD-ROM, optical memory, etc.) having computer-usable program code embodied therein .

本發明是參照根據本發明實施例的方法、設備(系統)、和電腦程式產品的流程圖和/或方框圖來描述的。應理解可由電腦程式指令實現流程圖和/或方框圖中的每一流程和/或方框、以及流程圖和/或方框圖中的流程和/或方框的結合。可提供這些電腦程式指令到通用電腦、專用電腦、嵌入式處理機或其他可程式設計資料處理設備的處理器以產生一個機器,使得通過電腦或其他可程式設計資料處理設備的處理器執行的指令產生用於實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能的裝置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and a combination of processes and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing equipment to produce a machine so that the instructions executed by the processor of the computer or other programmable data processing equipment Produce means for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

這些電腦程式指令也可存儲在能引導電腦或其他可程式設計資料處理設備以特定方式工作的電腦可讀記憶體中,使得存儲在該電腦可讀記憶體中的指令產生包括指令裝置的製造品,該指令裝置實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能。These computer program instructions may also be stored in a computer readable memory capable of directing a computer or other programmable data processing device to operate in a specific manner, such that the instructions stored in the computer readable memory produce an article of manufacture including the instruction means , the instruction device implements the functions specified in one or more procedures of the flow chart and/or one or more blocks of the block diagram.

這些電腦程式指令也可裝載到電腦或其他可程式設計資料處理設備上,使得在電腦或其他可程式設計設備上執行一系列操作步驟以產生電腦實現的處理,從而在電腦或其他可程式設計設備上執行的指令提供用於實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能的步驟。These computer program instructions may also be loaded into a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce computer-implemented The instructions executed above provide steps for implementing the functions specified in the procedure or procedures of the flowchart and/or the block or blocks of the block diagram.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces and memory.

The memory may include non-persistent memory in computer-readable media, in forms such as random access memory (RAM) and/or non-volatile memory, for example read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media include persistent and non-persistent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. In addition, although the operations of the method of the present invention are described in a particular order in the drawings, this does not require or imply that these operations must be performed in that particular order, or that all of the illustrated operations must be performed, to achieve the desired results. Additionally or alternatively, certain steps may be omitted, multiple steps may be combined into one step, and/or one step may be split into multiple steps.

Although the spirit and principles of the present invention have been described with reference to several specific embodiments, it should be understood that the invention is not limited to the specific embodiments disclosed, nor does the division into aspects imply that features of these aspects cannot be combined to advantage; the division is merely for convenience of description. The present invention is intended to cover the various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

100: method
101: When a preset risk event is detected, the server dynamically updates the currently held first key generation protocol based on the risk degree of the preset risk event, obtaining a second key generation protocol
102: The server delivers the dynamically updated second key generation protocol to the client, so that the client performs key exchange with the server based on the second key generation protocol
S41: The server sets the currently held first key generation protocol to an invalid state, and at the same time generates the second key generation protocol, a hot update patch and a white-box jump table.
S42: The client generates a client random number. S41 may occur before or after S42; this application places no specific restriction on the order.
S43: The client initiates a key exchange request to the server; the key exchange request includes the version number of the key generation protocol currently held by the client, the client random number and device fingerprint information
S44: The server receives the key exchange request, determines that the version number carried in the key exchange request has expired, and terminates the current key exchange request
S45: The server delivers the version number and certificate of the second key generation protocol held after the dynamic update to the client
S46: The client receives the certificate and verifies it
S47: After the certificate verification passes, the client initiates a protocol update request to the server; the protocol update request carries the version number of the second key generation protocol and is used to request the hot update file and the white-box jump table
S48: According to the version number sent by the client, the server delivers the hot update js file corresponding to the second key generation protocol (for example, via the protocol logic module) and the operator parameters (for example, via the protocol data module)
S49: After receiving the hot update js file and the operator parameters, the client executes the hot update based on the preset key operator layer, and stores the version number of the second key generation protocol, the hot update file and the white-box jump table
S50: The client and the server perform key exchange based on the currently held second key generation protocol
S51: The client generates a client random number (cliRand)
S52: The client initiates a key exchange request to the server, sending the client random number, the protocol version number and device information
S53: After receiving the client's request information, the server determines that the protocol version number is the latest version number and generates a server random number (srvRand)
S54: The server delivers the server random number (srvRand), the version number of the second key generation protocol and the certificate to the client
S55: After receiving the server random number, the client verifies the certificate
S56: After the certificate verification passes, the client generates a pre-master key (premasterKey) and encrypts the pre-master key with the public key delivered by the server
S57: The client sends the encrypted pre-master key to the server
S58: The client uses the currently held second key generation protocol to generate a working key from the pre-master key, the server random number and the client random number
S59: After receiving the encrypted pre-master key, the server decrypts it with its private key, and uses the currently held second key generation protocol to generate a working key from the pre-master key, the server random number and the client random number
S60: The client and the server both hold the working key, and subsequent business messages can be communicated under key encryption
600: system
601: server
602: client

The advantages and benefits described herein, as well as other advantages and benefits, will become apparent to those of ordinary skill in the art upon reading the following detailed description of exemplary embodiments. The drawings are only for the purpose of illustrating exemplary embodiments and are not to be considered as limiting the present invention. Throughout the drawings, the same reference numerals denote the same components. In the drawings:

[Fig. 1] is a schematic flowchart of a dynamic key generation method according to an embodiment of the present invention;
[Fig. 2] is a schematic diagram of a key generation protocol according to an embodiment of the present invention;
[Fig. 3] is a schematic diagram of a dynamic key generation system according to an embodiment of the present invention;
[Fig. 4] is a sequence diagram of updating the key generation protocol according to an embodiment of the present invention;
[Fig. 5] is a sequence diagram of generating a dynamic key according to an embodiment of the present invention;
[Fig. 6] is a schematic diagram of a dynamic key generation system according to an embodiment of the present invention.

In the drawings, the same or corresponding reference numerals denote the same or corresponding parts.

101: When a preset risk event is detected, the server dynamically updates the currently held first key generation protocol based on the risk degree of the preset risk event, obtaining a second key generation protocol

102: The server delivers the dynamically updated second key generation protocol to the client, so that the client performs key exchange with the server based on the second key generation protocol

Claims (26)

1. A dynamic key generation method, wherein the method comprises: when a preset risk event is detected, dynamically updating, based on the risk degree of the preset risk event, a first key generation protocol currently held by a server, to obtain a second key generation protocol; the server delivering the dynamically updated second key generation protocol to a client, so that the client performs key exchange with the server based on the second key generation protocol; wherein the server dynamically updating the currently held first key generation protocol based on the risk degree of the preset risk event further comprises: when the preset risk event is detected, the server invalidating the currently held first key generation protocol, and generating, according to the risk degree of the preset risk event, a second key generation protocol of a corresponding security level.
2. The method according to claim 1, wherein the server delivering the dynamically updated second key generation protocol to the client further comprises: the server receiving a key exchange request sent by the client, the key exchange request comprising the version number of the key generation protocol currently held by the client; and when the server detects that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, the server delivering the dynamically updated second key generation protocol to the client.

3. The method according to claim 1, wherein the second key generation protocol comprises a preset key operator layer and a protocol body, the protocol body comprising protocol logic and protocol data, the protocol logic indicating the composition rule of one or more target key operators adopted by the second key generation protocol, and the protocol data indicating operator parameters of the one or more target key operators.

4. The method according to claim 3, wherein the key operator layer contains a plurality of key operators and is preset on the server and the client, and the plurality of key operators contained in the key operator layer are divided in advance into a plurality of security grades; and the security level of the second key generation protocol is determined by the security grades of the one or more target key operators adopted.
5. The method according to claim 4, wherein the key operator layer comprises: one or more key operators using a secure encryption algorithm, and/or one or more key operators using a custom variation algorithm, and/or one or more key operators using a digest algorithm.

6. The method according to claim 3, wherein the method further comprises: using white-box cryptography to protect the security of the operator parameters.

7. The method according to claim 3, wherein the preset risk events comprise at least a first preset risk event, a second preset risk event and a third preset risk event of different risk degrees; wherein the first preset risk event indicates that the proportion of untrusted clients connected to the server exceeds a preset threshold; the second preset risk event indicates receipt of an externally issued protocol update instruction; and the third preset risk event indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.
8. The method according to claim 7, wherein the server is connected to a plurality of the clients, and the key exchange request sent by each client further comprises device fingerprint information; the method further comprises: the server collecting the device fingerprint information sent by each client, determining according to the device fingerprint information whether each client is an untrusted client, and periodically determining whether the proportion of untrusted clients connected to the server exceeds the preset threshold, wherein if it exceeds the preset threshold, the first preset risk event is detected.

9. The method according to claim 7, wherein the preset risk events further comprise a fourth preset risk event whose risk degree is greater than that of the first preset risk event; wherein the fourth preset risk event indicates that the server has repeatedly detected the first preset risk event a plurality of times.
10. The method according to claim 3, wherein the server delivering the dynamically updated second key generation protocol to the client further comprises: the server delivering the version number of the second key generation protocol to the client; the client initiating a protocol update request to the server, the protocol update request carrying the version number of the second key generation protocol; the server delivering the protocol logic and the protocol data of the second key generation protocol to the client; and the client instantiating the second key generation protocol based on the preset key operator layer, the protocol logic and the protocol data, and re-initiating the key exchange request to the server based on the second key generation protocol.

11. The method according to claim 10, wherein the server delivers the protocol logic of the second key generation protocol to the client by way of a hot update.
12. The method according to claim 1, wherein the client performing key exchange with the server based on the second key generation protocol further comprises: the client sending a key exchange request to the server, the key exchange request comprising the version number of the second key generation protocol currently held by the client; when the server detects that the version number carried in the key exchange request is consistent with the version number of the second key generation protocol currently held by the server, generating a server random number and sending the server random number to the client; the client generating a pre-master key according to the server random number and sending the pre-master key to the server; the client and the server each generating a working key using the second key generation protocol, the pre-master key, the client random number and the server random number; and the client and the server performing encrypted communication by exchanging the working keys each has generated.

13. The method according to claim 12, wherein the method further comprises: after the client generates the pre-master key according to the server random number, encrypting the pre-master key with a public key delivered by the server, and sending the encrypted pre-master key to the server; and the server decrypting the encrypted pre-master key with a private key to obtain the decrypted pre-master key.
14. A dynamic key generation system, wherein the system comprises a server and a client; wherein the server is configured to: when a preset risk event is detected, dynamically update, based on the risk degree of the preset risk event, a first key generation protocol currently held by the server to obtain a second key generation protocol; and deliver the dynamically updated second key generation protocol to the client; the client is configured to: perform key exchange with the server based on the second key generation protocol; wherein the server is further configured to: when the preset risk event is detected, invalidate the currently held first key generation protocol, and generate, according to the risk degree of the preset risk event, a second key generation protocol of a corresponding security level.

15. The system according to claim 14, wherein the server is further configured to: receive a key exchange request sent by the client, the key exchange request comprising the version number of the key generation protocol currently held by the client; and when it is detected that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, deliver the dynamically updated second key generation protocol to the client.
16. The system according to claim 14, wherein the second key generation protocol comprises a preset key operator layer and a protocol body, the protocol body comprising protocol logic and protocol data, the protocol logic indicating the composition rule of one or more target key operators adopted by the second key generation protocol, and the protocol data indicating operator parameters of the one or more target key operators.

17. The system according to claim 16, wherein the key operator layer contains a plurality of key operators and is preset on the server and the client, and the plurality of key operators contained in the key operator layer are divided in advance into a plurality of security grades; and the security level of the second key generation protocol is determined by the security grades of the one or more target key operators adopted.

18. The system according to claim 17, wherein the key operator layer comprises: one or more key operators using a secure encryption algorithm, and/or one or more key operators using a custom variation algorithm, and/or one or more key operators using a digest algorithm.

19. The system according to claim 16, wherein the system is further configured to: use white-box cryptography to protect the security of the operator parameters.
20. The system according to claim 16, wherein the preset risk events comprise at least a first preset risk event, a second preset risk event and a third preset risk event of different risk degrees; wherein the first preset risk event indicates that the proportion of untrusted clients connected to the server exceeds a preset threshold; the second preset risk event indicates receipt of an externally issued protocol update instruction; and the third preset risk event indicates that the working time of the first key generation protocol currently held by the server exceeds a preset safe duration.

21. The system according to claim 20, wherein the server is connected to a plurality of the clients, and the key exchange request sent by each client further comprises device fingerprint information; the server is further configured to: collect the device fingerprint information sent by each client, determine according to the device fingerprint information whether each client is an untrusted client, and periodically determine whether the proportion of untrusted clients connected to the server exceeds the preset threshold, wherein if it exceeds the preset threshold, the first preset risk event is detected.
22. The system according to claim 20, wherein the preset risk events further comprise a fourth preset risk event whose risk degree is greater than that of the first preset risk event; wherein the fourth preset risk event indicates that the server has repeatedly detected the first preset risk event a plurality of times.

23. The system according to claim 16, wherein the server is further configured to: when it is detected that the version number carried in the key exchange request is inconsistent with the version number of the second key generation protocol, deliver the version number of the second key generation protocol to the client; the client is further configured to: initiate a protocol update request to the server, the protocol update request carrying the version number of the second key generation protocol; the server is further configured to: deliver the protocol logic and the protocol data of the second key generation protocol to the client; and the client is further configured to: instantiate the second key generation protocol based on the preset key operator layer, the protocol logic and the protocol data, and re-initiate the key exchange request to the server based on the second key generation protocol.

24. The system according to claim 23, wherein the server delivers the protocol logic of the second key generation protocol to the client by way of a hot update.
25. The system according to claim 14, wherein the client is further configured to: after being dynamically updated based on the second key generation protocol, send a key exchange request to the server, the key exchange request comprising the version number of the second key generation protocol currently held by the client; the server is further configured to: when it is detected that the version number carried in the key exchange request is consistent with the version number of the second key generation protocol currently held by the server, generate a server random number and send the server random number to the client; the client is further configured to: generate a pre-master key according to the server random number and send the pre-master key to the server; and the client and the server are further configured to: each generate a working key using the second key generation protocol, the pre-master key, the client random number and the server random number, and perform encrypted communication by exchanging the working keys each has generated.

26. The system according to claim 25, wherein the client is further configured to: after generating the pre-master key according to the server random number, encrypt the pre-master key with the public key delivered by the server and send the encrypted pre-master key to the server; and the server is further configured to: decrypt the encrypted pre-master key with a private key to obtain the decrypted pre-master key.
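The following is an added model, not the patent's or the applicant's code, of the version-checked key exchange in steps S41 to S60 and of the operator-layer protocol and risk events in claims 3 to 13. The three operators, their security grades, the risk-degree-to-composition mapping, the thresholds and the in-memory Server and Client classes are all assumptions for illustration; the certificate check and the public-key encryption of the pre-master key are left out, so both sides simply share the same pre-master bytes.

```python
import hashlib
import hmac
import secrets
import time

# Key operator layer preset on both server and client. Each operator carries a security
# grade (constructed for this example; the patent only states that operators are graded).
def op_digest(data, param):            # digest-algorithm operator
    return hashlib.sha256(param + data).digest()

def op_custom(data, param):            # "custom variation" operator: XOR with param, then rotate
    mixed = bytes(b ^ param[i % len(param)] for i, b in enumerate(data))
    n = param[0] % len(mixed)
    return mixed[n:] + mixed[:n]

def op_hmac(data, param):              # keyed operator standing in for the encryption-algorithm class
    return hmac.new(param, data, hashlib.sha256).digest()

OPERATORS = {"digest": (op_digest, 1), "custom": (op_custom, 2), "hmac": (op_hmac, 3)}

# Assumed mapping from risk degree to composition rule (the patent does not fix one).
RISK_TO_LOGIC = {1: ["digest", "custom"], 2: ["custom", "hmac"], 3: ["digest", "custom", "hmac"]}

class KeyGenProtocol:
    """Protocol body: logic = ordered operator names, data = operator parameters."""
    def __init__(self, version, logic, data):
        self.version, self.logic, self.data = version, logic, data

    @property
    def security_level(self):          # level of the protocol = highest grade it composes
        return max(OPERATORS[name][1] for name in self.logic)

    def derive_working_key(self, premaster, srv_rand, cli_rand):
        buf = premaster + srv_rand + cli_rand
        for name in self.logic:        # apply operators in the order the protocol logic dictates
            buf = OPERATORS[name][0](buf, self.data[name])
        return buf

def initial_protocol():                # the "first key generation protocol" both sides start with
    return KeyGenProtocol(1, ["digest"], {"digest": b"constructed-seed-v1"})

class Server:
    SAFE_DURATION = 24 * 3600          # assumed safe working time of one protocol, in seconds
    UNTRUSTED_RATIO = 0.3              # assumed threshold for the share of untrusted clients

    def __init__(self):
        self.protocol = initial_protocol()
        self.activated = time.time()
        self.first_event_count = 0

    def detect_risk(self, fingerprints, trusted, external_update=False, now=None):
        """Return the risk degree of the detected preset event, 0 if none."""
        now = time.time() if now is None else now
        untrusted = sum(1 for fp in fingerprints if fp not in trusted)
        if fingerprints and untrusted / len(fingerprints) > self.UNTRUSTED_RATIO:
            self.first_event_count += 1
            return 3 if self.first_event_count > 1 else 1   # repeated first event: higher degree
        if external_update:
            return 2
        if now - self.activated > self.SAFE_DURATION:
            return 3
        return 0

    def update_protocol(self, risk):   # invalidate the old version, build the next one
        logic = RISK_TO_LOGIC[risk]
        data = {name: secrets.token_bytes(16) for name in logic}
        self.protocol = KeyGenProtocol(self.protocol.version + 1, logic, data)
        self.activated = time.time()

    def key_exchange(self, version, cli_rand):
        if version != self.protocol.version:   # stale version: terminate, report the new version
            return {"status": "expired", "version": self.protocol.version}
        return {"status": "ok", "srv_rand": secrets.token_bytes(32)}

    def protocol_update(self, version):       # hot-update payload: protocol logic + operator parameters
        if version != self.protocol.version:
            raise ValueError("unknown protocol version")
        return self.protocol.logic, self.protocol.data

class Client:
    def __init__(self, server):
        self.server = server
        self.protocol = initial_protocol()

    def exchange(self):
        """One key exchange; installs the updated protocol first if the server rejects ours."""
        cli_rand = secrets.token_bytes(32)
        resp = self.server.key_exchange(self.protocol.version, cli_rand)
        if resp["status"] == "expired":
            logic, data = self.server.protocol_update(resp["version"])
            self.protocol = KeyGenProtocol(resp["version"], logic, data)
            resp = self.server.key_exchange(self.protocol.version, cli_rand)
        premaster = secrets.token_bytes(48)
        # Transport of the pre-master key under the server's public key is omitted in this model.
        srv_key = self.server.protocol.derive_working_key(premaster, resp["srv_rand"], cli_rand)
        cli_key = self.protocol.derive_working_key(premaster, resp["srv_rand"], cli_rand)
        return cli_key, srv_key
```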
TW110131571A 2020-11-27 2021-08-26 Method and system for generating dynamic key TWI787974B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011356965.6 2020-11-27
CN202011356965.6A CN112543100B (en) 2020-11-27 2020-11-27 A method and system for generating a dynamic key

Publications (2)

Publication Number Publication Date
TW202222052A TW202222052A (en) 2022-06-01
TWI787974B true TWI787974B (en) 2022-12-21

Family

ID=75016986

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110131571A TWI787974B (en) 2020-11-27 2021-08-26 Method and system for generating dynamic key

Country Status (3)

Country Link
CN (1) CN112543100B (en)
TW (1) TWI787974B (en)
WO (1) WO2022110968A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114024724B (en) * 2021-10-25 2023-06-13 四川启睿克科技有限公司 Symmetric key dynamic generation method based on Internet of things
CN117040944B (en) * 2023-10-10 2024-04-26 深圳市旗云智能科技有限公司 Remote signal transmission device of wireless Internet of things
CN117668887B (en) * 2024-01-31 2024-05-31 南湖实验室 A custom balancing method between homomorphic encryption security and performance based on confidential computing
CN120217353B (en) * 2025-02-27 2025-11-21 江苏禾冠信息技术有限公司 A method for intelligent automatic password extraction and secure storage
CN120856336B (en) * 2025-09-22 2026-01-09 云账户技术(天津)有限公司 Key security management method, device, electronic equipment, medium and program product

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120309354A1 (en) * 2011-06-06 2012-12-06 Syracuse University Situation aware security system and method for mobile devices
WO2014029951A1 (en) * 2012-08-21 2014-02-27 Senta Technologies Limited A cryptography system
TW201740305A (en) * 2016-05-06 2017-11-16 Alibaba Group Services Ltd Data encryption method, data decryption method, device and system

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100321716B1 (en) * 1998-12-08 2002-03-08 이계철 Key authentication method in authentication system
US7591012B2 (en) * 2004-03-02 2009-09-15 Microsoft Corporation Dynamic negotiation of encryption protocols
US20060126836A1 (en) * 2004-12-10 2006-06-15 Hector Rivas System and method for dynamic generation of encryption keys
CN101127595B (en) * 2006-08-15 2011-02-02 华为技术有限公司 A method, system and device for realizing multi-party communication security
CN101515876B (en) * 2008-02-18 2011-11-23 财团法人工业技术研究院 Key establishment and event processing method and system for dual-mode wireless detector network
JP5288901B2 (en) * 2008-06-23 2013-09-11 三菱電機株式会社 Key management server, terminal, communication system, key distribution method, key distribution program, key reception method, and key reception program
EP3291483B1 (en) * 2015-04-30 2020-01-01 Nippon Telegraph and Telephone Corporation Data transmission and reception method and system
CN106533659A (en) * 2015-09-14 2017-03-22 北京中质信维科技有限公司 Secret key updating method and system
CN106100834B (en) * 2016-06-22 2019-07-19 咪付(深圳)网络技术有限公司 A method for generating and updating algorithm keystore
CN108040071B (en) * 2017-12-30 2023-02-17 深圳市潮流网络技术有限公司 Dynamic switching method for VoIP audio and video encryption key
CN109743176B (en) * 2018-12-28 2020-07-28 百富计算机技术(深圳)有限公司 POS terminal certificate updating method, server and POS terminal
CN111756524B (en) * 2019-03-26 2024-07-23 深圳市网安计算机安全检测技术有限公司 Dynamic group key generation method, device, computer equipment and storage medium
CN111740844A (en) * 2020-06-24 2020-10-02 上海缔安科技股份有限公司 SSL communication method and device based on hardware cryptographic algorithm
CN111988143B (en) * 2020-08-28 2024-03-01 百度时代网络技术(北京)有限公司 Key updating method, device, equipment and storage medium


Also Published As

Publication number Publication date
CN112543100B (en) 2023-07-28
TW202222052A (en) 2022-06-01
CN112543100A (en) 2021-03-23
WO2022110968A1 (en) 2022-06-02

Similar Documents

Publication Publication Date Title
TWI787974B (en) Method and system for generating dynamic key
CN109347835B (en) Information transmission method, client, server, and computer-readable storage medium
US11190496B2 (en) Fast oblivious transfers
US12284270B2 (en) Systems and methods for providing signatureless, confidential and authentication of data during handshake for classical and quantum computing environments
US8646104B2 (en) Stateless challenge-response broadcast protocol
WO2021120871A1 (en) Authentication key negotiation method and apparatus, storage medium and device
US20050221766A1 (en) Method and apparatus to perform dynamic attestation
CN116961973A (en) Data transmission methods, devices, electronic equipment and computer-readable storage media
CN113132087A (en) Internet of things, identity authentication and secret communication method, chip, equipment and medium
EP3939202A1 (en) Method and apparatus for effecting a data-based activity
CN115766119A (en) Communication method, device, communication system and storage medium
CN115766066A (en) Data transmission method, device, secure communication system and storage medium
US20240056295A1 (en) Verifiable remote resource management for cryptographic devices
CN119051878A (en) Method and system for data encryption transmission
CN115022057A (en) Security authentication method, device and device, and storage medium
CN115333727A (en) A method and device for generating a key
CN118643919B (en) Federated learning method and system based on multi-key
CN118199881B (en) Multiplexing method and device for multi-source heterogeneous password resource pool
CN110784318B (en) Group key updating method, device, electronic equipment, storage medium and communication system
CN119966722A (en) A data communication encryption implementation method for the Internet of Things
HK40047469B (en) Method and system for generating dynamic key
CN112751858A (en) Data encryption communication terminal method, device, terminal, server and storage medium
CN117574408B (en) Production materials management method, device and electronic equipment based on blockchain
US20250132904A1 (en) Reusing Resumption Secrets Obtained from Post-Quantum Ciphers
CN116112241B (en) Software and hardware combined safety communication method and system for self-service equipment