TWI859857B - Security credential management system and method based on key expansion - Google Patents

Publication number: TWI859857B
Authority: TW (Taiwan)
Prior art keywords: rsa, key, public keys, parameter, caterpillar
Application number: TW112117885A
Other languages: Chinese (zh)
Other versions: TW202447458A (en)
Inventors: 陳志華, 林峻鋒, 林邦曄, 繆嘉新
Original assignee: 中華電信股份有限公司
Application filed by: 中華電信股份有限公司
Priority to: TW112117885A
Landscapes: Lock And Its Accessories (AREA)

Abstract

A security credential management system and method based on key expansion are provided. The system includes at least one high-efficiency terminal device, a high-efficiency registration center and a high-efficiency authorization credential center. The high-efficiency terminal device includes an RSA key production module for producing RSA caterpillar key pairs. The high-efficiency registration center is communicatively connected with the at least one terminal device and includes a second RSA key expansion module, which is used to receive the RSA caterpillar key pairs and produce a plurality of RSA cocoon public keys. The high-efficiency authorization credential center is communicatively connected with the high-efficiency registration center and includes a first RSA key expansion module, which is used to receive the RSA cocoon public keys and produce a plurality of RSA butterfly public keys.

Description

Security credential management system and method based on key expansion

The present invention relates to a security credential management system and method, and in particular to a security credential management system and method based on key expansion.

Currently, in security credential management systems for the Internet of Vehicles, a pseudonym certificate mechanism has been added to the vehicular communication standards to improve the privacy and confidentiality of vehicle transmissions. To establish the pseudonym certificate mechanism, a key expansion method is combined into the security credential management system, providing expanded public key pairs as pseudonym certificates on the basis of an existing public key.

The IEEE 1609.2.1 standard proposes a Butterfly Key Expansion (BKE) mechanism for the Security Credential Management System (SCMS) of the Internet of Vehicles. It lets a vehicle submit a single certificate request, containing only a single key, and obtain the required pseudonymous certificates in bulk. It also has the following properties: the public key of every certificate is different, and not even the Registration Authority (RA) or the Authorization Certificate Authority (ACA) can learn the real user identity from the public information in the certificates. The private key corresponding to each certificate is still held only by that user.

FIG. 1 is a system architecture diagram of the security credential management system of IEEE 1609.2.1. The security credential management system includes at least an authorization certificate center 101 (Authorization Certificate Authority, ACA), a registration center 102 (Registration Authority, RA), and a plurality of terminal devices 103 (End Entity, EE).

The authorization certificate center 101 can issue an authorization certificate (AC) to the terminal device 103. To protect the privacy and security of the terminal device 103, the authorization certificate center 101 can also issue a plurality of pseudonym certificates (PC) to the terminal device 103, so that the terminal device 103 can communicate using these pseudonym certificates and avoid frequently exposing its authorization certificate. The registration center 102 is responsible for the registration review and management of the terminal device 103.

FIG. 2 is a flow chart of the butterfly key expansion method of IEEE 1609.2.1. The terminal device 103 generates caterpillar key pairs, the registration center 102 then generates a plurality of cocoon public keys, the authorization certificate center 101 generates a plurality of butterfly public keys, and finally the terminal device 103 generates a plurality of cocoon private keys and a plurality of butterfly private keys.

In step S201 of the butterfly key expansion method, the terminal device 103 generates a plurality of Advanced Encryption Standard (AES) keys and Elliptic Curve Cryptography (ECC) key pairs. Step S201 mainly includes steps 1a, 1b, 1c and 1d.

In step 1a, the terminal device 103 generates an AES key ck, used for signing; the parameter ck is a symmetric key;

In step 1b, the terminal device 103 generates an AES key ek, used for encryption; the parameter ek is a symmetric key;

In step 1c, the terminal device 103 generates an ECC key pair as a caterpillar key pair, used for signing, where parameter a is the private key, parameter A is the public key, and parameter G is the base point of the elliptic curve;

In step 1d, the terminal device 103 generates an ECC key pair as a caterpillar key pair, used for signing, where parameter p is the private key, parameter P is the public key, and parameter G is the base point of the elliptic curve.

In step S202 of the butterfly key expansion method, the terminal device 103 sends the generated symmetric keys and caterpillar public keys (ck, ek, A, P) to the registration center 102.

In step S203 of the butterfly key expansion method, the registration center 102 generates a plurality of cocoon public keys from the caterpillar public keys. Step S203 mainly includes step 3a and step 3b.

In step 3a, the registration center 102 generates a plurality of cocoon public keys, where parameter i is an incrementing integer and function f1 is an expansion function based on the AES encryption algorithm, which encrypts the value of parameter i with the AES key ck to obtain an integer ciphertext;

In step 3b, the registration center 102 generates a plurality of cocoon public keys, where parameter i is an incrementing integer and function f2 is an expansion function based on the AES encryption algorithm, which encrypts the value of parameter i with the AES key ek to obtain an integer ciphertext.

In step S204 of the butterfly key expansion method, the registration center 102 sends the generated cocoon public keys (Bi, Qi) to the authorization certificate center 101.

In step S205 of the butterfly key expansion method, the authorization certificate center 101 generates a plurality of butterfly public keys from the cocoon public keys. The butterfly public keys can be used as the public keys of pseudonym certificates for encryption. Step S205 mainly includes step 5a, step 5b and step 5c.

In step 5a, the authorization certificate center 101 generates an ECC key pair, where parameter c is the private key, parameter C is the public key, and parameter G is the base point of the elliptic curve;

In step 5b, the authorization certificate center 101 generates a plurality of butterfly public keys (Bi + C);

In step 5c, the authorization certificate center 101 uses the Qi as public keys to encrypt and sign c with the Elliptic Curve Integrated Encryption Scheme (ECIES) algorithm; the ciphertext of c is c’.

In step S206 of the butterfly key expansion method, the authorization certificate center 101 sends the ciphertext c’ and the signature to the registration center 102.

In step S207 of the butterfly key expansion method, the registration center 102 sends a plurality of i values and their corresponding ciphertexts c’ and signatures to the terminal device 103.

In step S208 of the butterfly key expansion method, the terminal device 103 generates a plurality of cocoon private keys from the i values. Step S208 mainly includes step 8a and step 8b.

In step 8a, the terminal device 103 generates a plurality of cocoon private keys, where function f1 is an expansion function based on the AES encryption algorithm, the same as the function f1 mentioned in paragraph 0014 above, which encrypts the value of parameter i with the AES key ck to obtain an integer ciphertext, and parameter n is the order of the elliptic curve;

In step 8b, the terminal device 103 generates a plurality of cocoon private keys, where function f2 is an expansion function based on the AES encryption algorithm, the same as the function f2 mentioned in paragraph 0015, which encrypts the value of parameter i with the AES key ek to obtain an integer ciphertext, and parameter n is the order of the elliptic curve.

In step S209 of the butterfly key expansion method, the terminal device 103 decrypts with the cocoon private key qi to obtain the value c, and uses the cocoon private key bi and the value c to generate the butterfly private keys. The butterfly private keys can be used as the private keys of pseudonym certificates for signing or decryption. Step S209 mainly includes step 9a and step 9b.

In step 9a, the terminal device 103 uses the cocoon private key qi to decrypt the ciphertext c’ and obtain the plaintext c;

In step 9b, the terminal device 103 generates a plurality of butterfly private keys, where parameter n is the order of the elliptic curve.
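The prior-art flow of steps S201 to S209, written out as an added example (not code from the patent or from IEEE 1609.2.1). Since the formulas did not survive on this page, it assumes the usual BKE relations B_i = A + f1(ck, i)·G, Q_i = P + f2(ek, i)·G, b_i = a + f1(ck, i) mod n, q_i = p + f2(ek, i) mod n and butterfly private key = b_i + c mod n; it also assumes NIST P-256, uses HMAC-SHA256 as a stand-in for the AES-based expansion functions, and hands c to the device directly instead of wrapping it with ECIES.

```python
import hashlib
import hmac
import secrets

# NIST P-256 domain parameters (curve choice is an assumption of this example).
FIELD_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
COEF_A = FIELD_P - 3
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return None
    if p1 == p2:
        m = (3 * x1 * x1 + COEF_A) * pow(2 * y1 % FIELD_P, -1, FIELD_P)
    else:
        m = (y2 - y1) * pow((x2 - x1) % FIELD_P, -1, FIELD_P)
    m %= FIELD_P
    x3 = (m * m - x1 - x2) % FIELD_P
    return (x3, (m * (x1 - x3) - y1) % FIELD_P)


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def expand(key, i):
    """Stand-in for f1/f2: the page uses AES under ck/ek; HMAC-SHA256 here."""
    digest = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % N


def device_keygen():
    """S201: symmetric keys ck, ek and caterpillar key pairs (a, A), (p, P)."""
    a = secrets.randbelow(N - 1) + 1
    p = secrets.randbelow(N - 1) + 1
    return {"ck": secrets.token_bytes(16), "ek": secrets.token_bytes(16),
            "a": a, "p": p, "A": mul(a, G), "P": mul(p, G)}


def ra_cocoon_public(ck, ek, pub_a, pub_p, i):
    """S203: the RA expands the caterpillar public keys for index i."""
    b_pub = add(pub_a, mul(expand(ck, i), G))
    q_pub = add(pub_p, mul(expand(ek, i), G))
    return b_pub, q_pub


def aca_butterfly_public(b_pub):
    """S205: the ACA adds its own fresh key pair (c, C) to B_i."""
    c = secrets.randbelow(N - 1) + 1
    return add(b_pub, mul(c, G)), c  # on the page c travels as ECIES ciphertext c'


def device_cocoon_private(p, ek, i):
    """S208 (8b): q_i, the key that would decrypt c' in step 9a."""
    return (p + expand(ek, i)) % N


def device_butterfly_private(a, ck, i, c):
    """S208 (8a) and S209 (9b): b_i = a + f1(i), then add c, both mod n."""
    return (a + expand(ck, i) + c) % N


def run_flow(count=3):
    """Run S201-S209 for `count` indices; return (public, private) key pairs."""
    dev = device_keygen()
    out = []
    for i in range(count):
        b_pub, _q_pub = ra_cocoon_public(dev["ck"], dev["ek"], dev["A"], dev["P"], i)
        butterfly_pub, c = aca_butterfly_public(b_pub)
        out.append((butterfly_pub, device_butterfly_private(dev["a"], dev["ck"], i, c)))
    return out


if __name__ == "__main__":
    for pub, priv in run_flow():
        print(hex(pub[0])[:18], "matches private key:", mul(priv, G) == pub)
```

The RA only ever handles public points and the ACA only ever sees B_i, yet every private key the device derives matches the public key the ACA certified.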

The conventional butterfly key expansion method described above uses elliptic curve cryptography to provide expanded public key pairs as pseudonym certificates on the basis of an existing public key. However, public key expansion in this method takes a long time to compute and is inefficient. In addition, the registration center 102 cannot obtain the parameter C and therefore cannot derive the cocoon public key back from the butterfly public key, and the authorization certificate center 101 cannot obtain the ciphertext c’ and therefore cannot derive the caterpillar public key back from the cocoon public key.

The present invention provides a security credential management system and method based on key expansion, which can quickly generate a plurality of public keys as pseudonym certificates and expands keys more efficiently.

A security credential management system based on key expansion according to the present invention includes at least one high-efficiency terminal device, a high-efficiency registration center and a high-efficiency authorization certificate center. The at least one high-efficiency terminal device includes an RSA key generation module for generating an RSA caterpillar key pair. The high-efficiency registration center is communicatively connected to the at least one high-efficiency terminal device and includes a second RSA key expansion module, which receives the RSA caterpillar key pair and generates a plurality of RSA cocoon public keys. The high-efficiency authorization certificate center is communicatively connected to the high-efficiency registration center and includes a first RSA key expansion module, which receives the RSA cocoon public keys and generates a plurality of RSA butterfly public keys.

A security credential management method based on key expansion according to the present invention includes: generating an RSA caterpillar key pair via at least one high-efficiency terminal device that includes an RSA key generation module; receiving the RSA caterpillar key pair and generating a plurality of RSA cocoon public keys via a high-efficiency registration center that includes a second RSA key expansion module; and receiving the RSA cocoon public keys and generating a plurality of RSA butterfly public keys via a high-efficiency authorization certificate center that includes a first RSA key expansion module.

Based on the above, the present invention provides a security credential management system and method based on key expansion that adds a pseudonym certificate mechanism to the vehicular communication standards and provides expanded public key pairs as pseudonym certificates. This not only improves the privacy and confidentiality of vehicle transmissions; the computation time for public key expansion is also far lower than that for generating entirely new key pairs, a plurality of public keys can be generated quickly as pseudonym certificates, and key expansion is more efficient.

To make the above features and advantages of the present invention easier to understand, embodiments are described in detail below with reference to the accompanying drawings.

Some embodiments of the present invention are described in detail below with reference to the accompanying drawings. Where the same reference numeral appears in different drawings, it denotes the same or a similar element. These embodiments are only part of the present invention and do not disclose all possible implementations of the present invention.

FIG. 3 is a system architecture diagram of a security credential management system based on key expansion according to an embodiment of the present invention.

Referring to FIG. 3, the security credential management system based on key expansion adds a pseudonym certificate mechanism to the vehicular communication standards and provides expanded public key pairs as pseudonym certificates. The system includes at least one high-efficiency terminal device 303, a high-efficiency registration center 302 and a high-efficiency authorization certificate center 301. The at least one high-efficiency terminal device 303 includes an RSA key generation module 3031 for generating an RSA caterpillar key pair. The high-efficiency registration center 302 is communicatively connected to the at least one high-efficiency terminal device 303 and includes a second RSA key expansion module 3021, which receives the RSA caterpillar key pair and generates a plurality of RSA cocoon public keys. The high-efficiency authorization certificate center 301 is communicatively connected to the high-efficiency registration center 302 and includes a first RSA key expansion module 3011, which receives the RSA cocoon public keys and generates a plurality of RSA butterfly public keys.

The high-efficiency terminal device 303, the high-efficiency registration center 302 and the high-efficiency authorization certificate center 301 can be implemented in software, firmware, hardware circuits, or any combination thereof, and the present disclosure does not limit how they are implemented.

Specifically, to protect the privacy and security of the high-efficiency terminal device 303, the high-efficiency authorization certificate center 301 can issue a plurality of pseudonym certificates to the at least one high-efficiency terminal device 303, so that the high-efficiency terminal device 303 can communicate using the pseudonym certificates and avoid frequently exposing its authorization certificate. The high-efficiency registration center 302 is responsible for the registration review and management of the high-efficiency terminal device 303.

The first to third embodiments below explain how the security credential management system based on key expansion generates the RSA caterpillar key pair, the plurality of RSA cocoon public keys and the plurality of RSA butterfly public keys, so that the RSA butterfly public keys are used as the public keys of pseudonym certificates for encryption while the high-efficiency terminal device 303 uses the RSA caterpillar private key for signing or decryption, and how the long-term public key of the high-efficiency authorization certificate center is used to encrypt the expansion coefficient γ to obtain the ciphertext γ’ and the long-term private key of the high-efficiency authorization certificate center is used to decrypt the ciphertext γ’.

FIG. 4 is a flow chart of a security credential management method based on key expansion according to a first embodiment of the present invention.

Referring to FIG. 4, in step S401, the high-efficiency terminal device 303 generates an RSA caterpillar key pair (s, S, φ) and obtains an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1, where: Formula 1

λ is the expansion coefficient, parameter s is the caterpillar private key, parameter S is the caterpillar public key, parameter φ is the order of the RSA caterpillar key pair, parameter g is a random integer, and parameter h is a random prime number.

The first embodiment uses 10-bit integers for illustration, but an actual production system should be set to integers of 2048 bits or more.

In step S401, the RSA algorithm is used to randomly select two primes, 991 and 827; multiplying the two primes gives N = 819557, and multiplying the two primes each reduced by one gives ; φ is used to obtain the caterpillar private key and the caterpillar public key , where the caterpillar private key s and the caterpillar public key S satisfy the condition , so that a positive integer x gives ; random integers , are generated, then .

In step S402, the high-efficiency terminal device 303 sends (S, λ) to the high-efficiency registration center 302. That is, the high-efficiency terminal device 303 sends the generated caterpillar public key and expansion coefficient to the high-efficiency registration center 302.

In step S403, the second RSA key expansion module generates a plurality of RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, where: Formula 2

Here λ is the expansion coefficient, parameter S is the caterpillar public key, parameter ri is an integer, and Gi is the RSA cocoon public key.

Taking the generation of two RSA cocoon public keys as an example: with as an example, the RSA cocoon public key ; with as an example, the RSA cocoon public key .

In step S404, the high-efficiency registration center 302 sends the plurality of RSA cocoon public keys (Gi, λ) to the high-efficiency authorization certificate center 301. That is, the high-efficiency registration center 302 sends the generated RSA cocoon public keys and the expansion coefficient to the high-efficiency authorization certificate center 301.

In step S405, the first RSA key expansion module 3011 in the high-efficiency authorization certificate center 301 generates a plurality of RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient λ and Formula 3, where: Formula 3

Here λ is the expansion coefficient, parameter oi is an integer, Gi is the RSA cocoon public key, and Hi is the RSA butterfly public key.

Taking the generation of two RSA butterfly public keys as an example: with as an example, the RSA butterfly public key ; with as an example, the RSA butterfly public key .

The parameter ri is a time integer and the parameter oi is a time integer. The time integer may be the number of seconds from 2004/01/01 00:00:00 to the current time; if the current time is 2022/12/13 15:22:01, the time integer is 598029721, which can be used as the value of ri or oi.

FIG. 5 is a flow chart of a security credential management method based on key expansion according to a second embodiment of the present invention.

Referring to FIG. 5, in step S501, the high-efficiency terminal device 303 generates an RSA caterpillar key pair (s, S, φ) and obtains the expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1, where: Formula 1

Here λ is the expansion coefficient, parameter s is the caterpillar private key, parameter S is the caterpillar public key, parameter φ is the order of the RSA caterpillar key pair, parameter g is a random integer, and parameter h is a random prime number.

In step S502, the high-efficiency terminal device 303 sends (S, λ) to the high-efficiency registration center 302.

In step S503, the second RSA key expansion module 3021 in the high-efficiency registration center 302 generates RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, and obtains the expansion coefficient μ according to Formula 4, where: Formula 2 Formula 4

Here λ and μ are expansion coefficients, parameter S is the caterpillar public key, parameter ri is an integer, Gi is the RSA cocoon public key, and parameter u is a random integer.

Taking the generation of two RSA cocoon public keys as an example: with as an example, the RSA cocoon public key ; with as an example, the RSA cocoon public key ; with as an example, .

In step S504, the high-efficiency registration center 302 sends the plurality of RSA cocoon public keys (Gi, μ) to the high-efficiency authorization certificate center 301. That is, the high-efficiency registration center 302 sends the generated RSA cocoon public keys and the expansion coefficient to the high-efficiency authorization certificate center 301.

In step S505, the first RSA key expansion module 3011 generates RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient μ and Formula 5, where: Formula 5

Here μ is the expansion coefficient, parameter oi is an integer, Gi is the RSA cocoon public key, and Hi is the RSA butterfly public key.

Taking the generation of two RSA butterfly public keys as an example: with as an example, the RSA butterfly public key ; with as an example, the RSA butterfly public key .

圖6為依照本發明的一第三實施例的基於金鑰擴展的安全憑證管理方法的流程圖。FIG6 is a flow chart of a security certificate management method based on key expansion according to a third embodiment of the present invention.

請參照圖6,於步驟S601中,高效率終端設備303產製RSA毛蟲金鑰對(s, S, φ),依據RSA毛蟲金鑰對(s, S, φ)、公式1獲取擴展係數λ,並且依據RSA毛蟲金鑰對(s, S, φ)及公式6獲取擴展係數γ,並且高效率終端設備303運用高效率授權憑證中心301的高效率授權憑證中心長效公鑰加密γ,得到密文γ’,其中, 公式1 公式6 Please refer to FIG. 6. In step S601, the high-efficiency terminal device 303 generates an RSA caterpillar key pair (s, S, φ), obtains an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and formula 1, and obtains an expansion coefficient γ according to the RSA caterpillar key pair (s, S, φ) and formula 6, and the high-efficiency terminal device 303 uses the high-efficiency authorization certificate center long-term public key of the high-efficiency authorization certificate center 301 to encrypt γ to obtain a ciphertext γ', wherein, Formula 1 Formula 6

其中λ及γ係擴展係數、參數s係毛蟲私鑰、參數S係毛蟲公鑰、參數φ係RSA毛蟲金鑰對的階、參數g係隨機整數、參數h係隨機質數、參數v係隨機整數。Where λ and γ are expansion coefficients, parameter s is the caterpillar private key, parameter S is the caterpillar public key, parameter φ is the order of the RSA caterpillar key pair, parameter g is a random integer, parameter h is a random prime number, and parameter v is a random integer.

在第三實施例中,運用RSA演算法隨機挑選兩質數分別為991和827,兩質數相乘後可得N係819557,並運用兩質數各減一後相乘得 ;運用φ取得毛蟲私鑰 、毛蟲公鑰 ,毛蟲私鑰s和毛蟲公鑰S符合條件 ,則一正整數x可得 ;隨機產生整數 ,則 ;運用高效率授權憑證中心長效公鑰加密481499213580,得到密文γ’。 In the third embodiment, two prime numbers 991 and 827 are randomly selected using the RSA algorithm. The two prime numbers are multiplied to obtain N = 819557. The two prime numbers are subtracted by one and then multiplied to obtain ; Use φ to obtain the caterpillar private key , Caterpillar public key , Caterpillar private key s and Caterpillar public key S meet the conditions , then a positive integer x can be obtained ; Randomly generate integers , , , then , ; Use the high-efficiency authorization certificate center long-term public key to encrypt 481499213580 and obtain the ciphertext γ'.

於步驟S602中,高效率終端設備303發送( S, λ, γ’)至高效率註冊中心302。其中高效率終端設備303將 發送給高效率註冊中心302。 In step S602, the high-efficiency terminal device 303 sends (S, λ, γ') to the high-efficiency registration center 302. The high-efficiency terminal device 303 Sent to High Efficiency Registration Center 302.

於步驟S603中,高效率註冊中心302的第二RSA金鑰擴展模組3021依據參數S、擴展係數λ、密文γ’以及公式2產製RSA繭公鑰,且第二RSA金鑰擴展模組3021依據擴展係數λ以及公式4獲取擴展係數μ,其中, 公式2 公式4 In step S603, the second RSA key expansion module 3021 of the high-efficiency registration center 302 generates an RSA public key according to the parameter S, the expansion coefficient λ, the ciphertext γ' and formula 2, and the second RSA key expansion module 3021 obtains the expansion coefficient μ according to the expansion coefficient λ and formula 4, wherein, Formula 2 Formula 4

其中λ、μ係擴展係數、參數S係毛蟲公鑰、參數ri係一整數、Gi係RSA繭公鑰、參數u係隨機整數。Where λ and μ are expansion coefficients, parameter S is the caterpillar public key, parameter ri is an integer, Gi is the RSA cocoon public key, and parameter u is a random integer.

於步驟S604中,高效率註冊中心302發送複數個RSA繭公鑰( Gi, μ,γ’) 至高效率授權憑證中心301。其中高效率註冊中心302將 發送給高效率授權憑證中心301。 In step S604, the high-efficiency registration center 302 sends a plurality of RSA public keys (Gi, μ, γ') to the high-efficiency certification center 301. Sent to the high-efficiency authorization certificate center 301.

於步驟S605中,高效率授權憑證中心301運用毛蟲私鑰解密密文γ’, 得到明文γ,並且第一RSA金鑰擴展模組3011依據RSA繭公鑰、擴展係數μ、明文γ以及公式7產製RSA蝴蝶公鑰,其中, 公式7 In step S605, the high-efficiency certification center 301 uses the caterpillar private key to decrypt the ciphertext γ' to obtain the plaintext γ, and the first RSA key expansion module 3011 generates the RSA butterfly public key according to the RSA cocoon public key, the expansion coefficient μ, the plaintext γ and formula 7, where Formula 7

其中μ係擴展係數、參數oi係一整數、Gi係RSA繭公鑰、Hi係RSA蝴蝶公鑰。Where μ is the expansion coefficient, parameter oi is an integer, Gi is the RSA coil public key, and Hi is the RSA butterfly public key.

由產製RSA蝴蝶公鑰的步驟可運用高效率授權憑證中心長效私鑰解密密文γ’,得到明文 ,並且可計算 產製複數個RSA蝴蝶公鑰,參數oi係一整數。 The steps of generating RSA butterfly public key can be used to decrypt the ciphertext γ' using the long-term private key of the high-efficiency authorization certificate center to obtain the plaintext , and can be calculated Generate multiple RSA butterfly public keys. The parameter oi is an integer.

Taking the generation of two RSA butterfly public keys as an example: with  as an example, the RSA butterfly public key is ; with  as an example, the RSA butterfly public key is .

Information encrypted with the RSA cocoon public keys and RSA butterfly public keys generated in the first to third embodiments above can all be decrypted using the RSA caterpillar private key.

FIG. 7 is a flow chart of a security credential management method based on key expansion according to an embodiment of the present invention.

In step S701, the high-efficiency terminal device 303 generates an RSA caterpillar key pair.

In step S702, the high-efficiency registration center 302 generates a plurality of RSA cocoon public keys.

In step S703, the high-efficiency authorization credential center 301 generates a plurality of RSA butterfly public keys.

The security credential management system based on key expansion can use the above RSA butterfly public keys as the public keys of pseudonym certificates for encryption, while the terminal device 301 uses the RSA caterpillar private key for signing or decryption.

Based on the above, the present invention provides a security credential management system and method based on key expansion that adds a pseudonym certificate mechanism to the Internet of Vehicles communication standard and provides expanded public key pairs as pseudonym certificates. This improves the privacy and confidentiality of vehicle transmissions. In addition, the computation time for public key expansion is far lower than the computation time for generating a brand-new key pair, and steps of the conventional approach of FIG. 2, such as generating a cocoon private key, using the cocoon private key to decrypt the ciphertext, and generating a plurality of butterfly private keys, are eliminated. A plurality of public keys can therefore be generated quickly as pseudonym certificates, and key expansion is more efficient.

Although the present invention has been disclosed above by way of embodiments, they are not intended to limit the present invention. Any person with ordinary knowledge in the relevant technical field may make minor changes and modifications without departing from the spirit and scope of the present invention. The scope of protection of the present invention is therefore defined by the appended claims.

101: Authorization credential center
102: Registration center
103, 303: Terminal device
301: High-efficiency authorization credential center
3011: First RSA key expansion module
302: High-efficiency registration center
3021: Second RSA key expansion module
3031: RSA key generation module
1a, 1b, 1c, 1d, 3a, 3b, 5a, 5b, 5c, 8a, 8b, 9a, 9b, S201, S202, S203, S204, S205, S206, S207, S208, S209, S401, S402, S403, S404, S405, S501, S502, S503, S504, S505, S601, S602, S603, S604, S605: Steps

FIG. 1 is a system architecture diagram of the conventional IEEE 1609.2.1 security credential management system.
FIG. 2 is a flow chart of the conventional IEEE 1609.2.1 butterfly key expansion method.
FIG. 3 is a system architecture diagram of a security credential management system based on key expansion according to an embodiment of the present invention.
FIG. 4 is a flow chart of a security credential management method based on key expansion according to a first embodiment of the present invention.
FIG. 5 is a flow chart of a security credential management method based on key expansion according to a second embodiment of the present invention.
FIG. 6 is a flow chart of a security credential management method based on key expansion according to a third embodiment of the present invention.
FIG. 7 is a flow chart of a security credential management method based on key expansion according to an embodiment of the present invention.

301: High-efficiency authorization credential center

302: High-efficiency registration center

303: Terminal device

3011: First RSA key expansion module

3021: Second RSA key expansion module

3031: RSA key generation module

Claims (18)

1. A security credential management system based on key expansion, comprising: at least one high-efficiency terminal device, including an RSA key generation module for generating an RSA caterpillar key pair; a high-efficiency registration center communicatively connected to the at least one high-efficiency terminal device, the high-efficiency registration center including a second RSA key expansion module for receiving the RSA caterpillar key pair and generating a plurality of RSA cocoon public keys; and a high-efficiency authorization credential center communicatively connected to the high-efficiency registration center, the high-efficiency authorization credential center including a first RSA key expansion module for receiving the RSA cocoon public keys and generating a plurality of RSA butterfly public keys.

2. The security credential management system as described in claim 1, wherein the operation in which the at least one high-efficiency terminal device generates the RSA caterpillar key pair further comprises: the at least one high-efficiency terminal device generating the RSA caterpillar key pair (s, S, φ); and the at least one high-efficiency terminal device obtaining an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1, wherein: Formula 1 where λ is the expansion coefficient, the parameter s is the caterpillar private key, the parameter S is the caterpillar public key, the parameter φ is the order of the RSA caterpillar key pair, the parameter g is a random integer, and the parameter h is a random prime number.

3. The security credential management system as described in claim 2, wherein the operation in which the second RSA key expansion module receives the RSA caterpillar key pair and generates the RSA cocoon public keys further comprises: the second RSA key expansion module generating the RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, wherein: Formula 2 where λ is the expansion coefficient, the parameter S is the caterpillar public key, the parameter ri is an integer, and Gi are the RSA cocoon public keys.

4. The security credential management system as described in claim 3, wherein the operation in which the first RSA key expansion module receives the RSA cocoon public keys and generates the RSA butterfly public keys further comprises: the first RSA key expansion module generating the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient λ and Formula 3, wherein: Formula 3 where λ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.

5. The security credential management system as described in claim 2, wherein the operation in which the second RSA key expansion module receives the RSA caterpillar key pair and generates the RSA cocoon public keys further comprises: the second RSA key expansion module generating the RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, and obtaining an expansion coefficient μ according to Formula 4, wherein: Formula 2 Formula 4 where λ and μ are the expansion coefficients, the parameter S is the caterpillar public key, the parameter ri is an integer, Gi are the RSA cocoon public keys, and the parameter u is a random integer.

6. The security credential management system as described in claim 5, wherein the operation in which the first RSA key expansion module receives the RSA cocoon public keys and generates the RSA butterfly public keys further comprises: the first RSA key expansion module generating the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient μ and Formula 5, wherein: Formula 5 where μ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.

7. The security credential management system as described in claim 1, wherein the operation in which the at least one high-efficiency terminal device generates the RSA caterpillar key pair further comprises: the at least one high-efficiency terminal device generating the RSA caterpillar key pair (s, S, φ); the at least one high-efficiency terminal device obtaining an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1; the at least one high-efficiency terminal device obtaining an expansion coefficient γ according to the RSA caterpillar key pair (s, S, φ) and Formula 6, wherein: Formula 1 Formula 6 where λ and γ are the expansion coefficients, the parameter s is the caterpillar private key, the parameter S is the caterpillar public key, the parameter φ is the order of the RSA caterpillar key pair, the parameter g is a random integer, the parameter h is a random prime number, and the parameter v is a random integer; and the at least one high-efficiency terminal device encrypting γ with the long-term public key of the high-efficiency authorization credential center to obtain a ciphertext γ’.

8. The security credential management system as described in claim 7, wherein the operation in which the second RSA key expansion module receives the RSA caterpillar key pair and generates the RSA cocoon public keys further comprises: the second RSA key expansion module generating the RSA cocoon public keys according to the parameter S, the expansion coefficient λ, the ciphertext γ’ and Formula 2; and the second RSA key expansion module obtaining an expansion coefficient μ according to the expansion coefficient λ and Formula 4, wherein: Formula 2 Formula 4 where λ and μ are the expansion coefficients, the parameter S is the caterpillar public key, the parameter ri is an integer, Gi are the RSA cocoon public keys, and the parameter u is a random integer.

9. The security credential management system as described in claim 8, wherein the operation in which the first RSA key expansion module receives the RSA cocoon public keys and generates the RSA butterfly public keys further comprises: the high-efficiency authorization credential center decrypting the ciphertext γ’ with the long-term private key of the high-efficiency authorization credential center to obtain the plaintext γ; and the first RSA key expansion module generating the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient μ, the plaintext γ and Formula 7, wherein: Formula 7 where μ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.

10. A security credential management method based on key expansion, comprising: generating an RSA caterpillar key pair by at least one high-efficiency terminal device that includes an RSA key generation module; receiving the RSA caterpillar key pair and generating a plurality of RSA cocoon public keys by a high-efficiency registration center that includes a second RSA key expansion module; and receiving the RSA cocoon public keys and generating a plurality of RSA butterfly public keys by a high-efficiency authorization credential center that includes a first RSA key expansion module.

11. The security credential management method as described in claim 10, wherein the step of generating the RSA caterpillar key pair by the at least one high-efficiency terminal device further comprises: generating the RSA caterpillar key pair (s, S, φ) by the at least one high-efficiency terminal device; and obtaining, by the at least one high-efficiency terminal device, an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1, wherein: Formula 1 where λ is the expansion coefficient, the parameter s is the caterpillar private key, the parameter S is the caterpillar public key, the parameter φ is the order of the RSA caterpillar key pair, the parameter g is a random integer, and the parameter h is a random prime number.

12. The security credential management method as described in claim 11, wherein the step of receiving the RSA caterpillar key pair and generating the RSA cocoon public keys by the second RSA key expansion module further comprises: generating, by the second RSA key expansion module, the RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, wherein: Formula 2 where λ is the expansion coefficient, the parameter S is the caterpillar public key, the parameter ri is an integer, and Gi are the RSA cocoon public keys.

13. The security credential management method as described in claim 12, wherein the step of receiving the RSA cocoon public keys and generating the RSA butterfly public keys by the first RSA key expansion module further comprises: generating, by the first RSA key expansion module, the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient λ and Formula 3, wherein: Formula 3 where λ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.

14. The security credential management method as described in claim 11, wherein the step of receiving the RSA caterpillar key pair and generating the RSA cocoon public keys by the second RSA key expansion module further comprises: generating, by the second RSA key expansion module, the RSA cocoon public keys according to the RSA caterpillar key pair (s, S, φ), the expansion coefficient λ and Formula 2, and obtaining an expansion coefficient μ according to Formula 4, wherein: Formula 2 Formula 4 where λ and μ are the expansion coefficients, the parameter S is the caterpillar public key, the parameter ri is an integer, Gi are the RSA cocoon public keys, and the parameter u is a random integer.

15. The security credential management method as described in claim 14, wherein the step of receiving the RSA cocoon public keys and generating the RSA butterfly public keys by the first RSA key expansion module further comprises: generating, by the first RSA key expansion module, the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient μ and Formula 5, wherein: Formula 5 where μ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.

16. The security credential management method as described in claim 10, wherein the step of generating the RSA caterpillar key pair by the at least one high-efficiency terminal device further comprises: generating the RSA caterpillar key pair (s, S, φ) by the at least one high-efficiency terminal device; obtaining, by the at least one high-efficiency terminal device, an expansion coefficient λ according to the RSA caterpillar key pair (s, S, φ) and Formula 1; obtaining, by the at least one high-efficiency terminal device, an expansion coefficient γ according to the RSA caterpillar key pair (s, S, φ) and Formula 6, wherein: Formula 1 Formula 6 where λ and γ are the expansion coefficients, the parameter s is the caterpillar private key, the parameter S is the caterpillar public key, the parameter φ is the order of the RSA caterpillar key pair, the parameter g is a random integer, the parameter h is a random prime number, and the parameter v is a random integer; and encrypting γ, by the at least one high-efficiency terminal device, with the long-term public key of the high-efficiency authorization credential center to obtain a ciphertext γ’.

17. The security credential management method as described in claim 16, wherein the step of receiving the RSA caterpillar key pair and generating the RSA cocoon public keys by the second RSA key expansion module further comprises: generating, by the second RSA key expansion module, the RSA cocoon public keys according to the parameter S, the expansion coefficient λ, the ciphertext γ’ and Formula 2; and obtaining, by the second RSA key expansion module, an expansion coefficient μ according to the expansion coefficient λ and Formula 4, wherein: Formula 2 Formula 4 where λ and μ are the expansion coefficients, the parameter S is the caterpillar public key, the parameter ri is an integer, Gi are the RSA cocoon public keys, and the parameter u is a random integer.

18. The security credential management method as described in claim 17, wherein the step of receiving the RSA cocoon public keys and generating the RSA butterfly public keys by the first RSA key expansion module further comprises: decrypting the ciphertext γ’, by the high-efficiency authorization credential center, with the long-term private key of the high-efficiency authorization credential center to obtain the plaintext γ; and generating, by the first RSA key expansion module, the RSA butterfly public keys according to the RSA cocoon public keys, the expansion coefficient μ, the plaintext γ and Formula 7, wherein: Formula 7 where μ is the expansion coefficient, the parameter oi is an integer, Gi are the RSA cocoon public keys, and Hi are the RSA butterfly public keys.
TW112117885A 2023-05-15 2023-05-15 Security credential management system and method based on key expansion TWI859857B (en)


Publications (2)

Publication Number Publication Date
TWI859857B true TWI859857B (en) 2024-10-21
TW202447458A TW202447458A (en) 2024-12-01
