Design and Implementation of A New Key Management System

Abstract: As information security requirements increase, traditional key management methods, which are equivalent to software encryption, can no longer meet the security requirements of information systems. Therefore, a new key management system is designed. The system uses high-security CPU smart cards and hardware to generate, store, and transmit keys, which greatly improves the security of the key management system.

Keywords: security, smart card, key

In traditional key management systems, keys are usually stored on machines or disks and transmitted over networks by email or on disks. For the sake of security, the key to be transmitted must be encrypted before transmission, and the receiver decrypts it after receiving it. Because a key still has to be transferred in this way and only the specific key object has changed, security is not significantly improved. That is, even when encryption is nominally performed by a dedicated hardware encryption machine, the weaknesses of storage and transmission leave its security equivalent to that of software encryption. Therefore, it is necessary to improve the security of storage and transmission.

Transmitting keys with an asymmetric encryption system is safer: the sender encrypts using its own private key and the public key of the other party, and the other party decrypts using its own private key and the sender's public key. However, this method is difficult to use for transmitting keys. It requires both parties to already have a public key and a private key, and also to obtain the public key of the other party. The generation of public and private keys is complex and difficult, and usually requires the involvement of a notarizing third party. At present, most communicating parties do not meet these conditions, and the vast majority of communication between them is one-time. For these reasons, asymmetric encryption is often not used, and a simple, easy-to-obtain symmetric encryption system is adopted instead.

When a symmetric encryption system is used, the encryption key and the decryption key are the same or related, so the security requirements for storage and transmission are very high. As mentioned above, traditional encryption is equivalent to software encryption, which is less secure than direct hardware encryption. If hardware devices are used for encryption and dedicated hardware devices are also used to store and transmit keys, the security of the key system improves greatly. Currently, the only such device widely recognized in the industry is the CPU smart card. The CPU card has a hardware encryption structure and can be used as an encryption device. Moreover, its dedicated software system, the COS (chip operating system), provides high security for data storage and operations, so the card can be used to store small amounts of data.

In this paper, the CPU smart card is used as the encryption and storage medium. Following the idea of a symmetric encryption system, a new key system is designed and implemented. It realizes key generation, storage, and transmission and meets the security requirements of users' information systems.

1. Security Features of CPU cards

As the newest member of the smart card family, the CPU card is widely used because of its high security and convenience. Its security is reflected not only in its hardware structure; its software system, the COS, also ensures the security of applications and improves their convenience and flexibility.

The encryption/decryption function of the CPU card is implemented by an embedded hardware encryption coprocessor, which has high security. Currently, CPU cards generally use the DES encryption algorithm. DES is an iterative block cipher that divides the plaintext into 64-bit blocks during encryption and then converts each plaintext block into a 64-bit ciphertext block using a key. The key length is 64 bits, of which 56 bits are effective (eight bits are used for parity). To further improve security, the CPU card usually encrypts with the Triple DES algorithm, with a key length of 128 bits.

During application, the security of the CPU card is guaranteed by its COS security system, which covers the access control mechanism and the confidentiality mechanism for information in the card. One of the important reasons why smart cards have developed rapidly and become popular is that the COS security system gives users a high security guarantee together with convenient application. The COS security system consists of three parts: security status, security attributes, and security mechanism [1]. When the security status of a smart card meets the security attribute requirements, the smart card executes the operation instruction and, under the action of the security mechanism, moves from the current security status to the next security status.

2. System Structure and Functions

The main function of this key system is to provide various key generation mechanisms and encryption algorithms, and to store the generated keys in CPU smart cards with the key export function, that is, secure access module (SAM) cards. As shown in Figure 1 (system structure), keys are issued by cascaded generation and delivery: the superior level generates the seed keys required by the next level and passes them to the next level in the form of cards, with line encryption during transmission, which greatly improves the security of the system and the convenience of application. By function, the system includes the root key system, the master key system, the initialization key system, and the SAM card key system. The system structure is scalable: the number of levels can be reduced or increased according to actual needs. Generally, no more than three levels of transfer are used (as shown in the figure) to avoid system complexity. In the system we put into practical use, according to user requirements and system scale, the initialization key system level is removed and only two levels of key transfer are used, making the system structure more compact and easier to implement.

The main function of the root key system is to generate the original primary key of the system, that is, the root key, which is generated from the system security word entered by the system security administrator (the security word is determined by the security administrator). The master key system uses the dispersion factor to encrypt the root key and obtain the master key. The initialization key system then encrypts the master key to obtain the work key used by the work key system. The SAM card key system derives the SAM card key directly from the root key, and this key is used directly by the work key system to control and cooperate with the work key.

The system stores the generated keys in the corresponding CPU smart cards. The root key card and the master key card use SAM mother cards with the key export function, while the SAM card key is stored on a SAM card without the export function. A SAM card is a CPU card with enhanced key security functions. It supports multi-level key distribution and is more secure than an ordinary CPU card. The work key is stored directly in the ordinary CPU card used by the actual work system.

When the system generates a key, it also generates the corresponding authentication key and stores it in the corresponding authentication card, which controls and cooperates with the key card. As shown in Figure 2, the key card must pass mutual authentication (external authentication) with the authentication card before it can be used normally. The validity of the key authentication card is protected by a personal identification number (PIN); the card can be used only after the PIN has been verified correctly.

The validity of blank cards is verified by the manufacturer's authentication card. The manufacturer's authentication card is usually made by the manufacturer and stores the manufacturer's transmission code, which is also protected by a PIN. It can be used only after the PIN has been verified correctly. Thus every card in the system must pass the corresponding authentication before use. Only after its validity has been verified can it be put into normal use, which greatly ensures the security of the system.

3. Related Algorithms

In this system, encryption mainly uses the mature and strong DES algorithm. To further improve the security of the system, the 3DES algorithm, which is based on DES, is used in the actual system. The algorithms are described as follows.

3.1 3DES Algorithm

The 3DES algorithm uses two keys (KL and KR) to perform three DES encryption/decryption operations on the plaintext (X) [2].

3DES encryption method:

Y = DES(KL, DES^-1(KR, DES(KL, X)))

The corresponding decryption method is:

X = DES^-1(KL, DES(KR, DES^-1(KL, Y)))

Here DES(K, X) denotes DES encryption of the data X with the key K, and DES^-1(K, Y) denotes DES decryption of the data Y with the key K (the same below).

3.2 Key Dispersion Algorithm

To support hierarchical encrypted transfer, the CPU card also uses the key dispersion algorithm, which processes the dispersion data with a double-length (16-byte) key MK to derive a double-length key DK (DKL DKR). The algorithm is as follows [3]:

The left half of DK, DKL, is derived as follows:

· Use the rightmost 16 digits of the dispersion data as the input data;

· Use MK as the encryption key;

· Use MK to perform a 3DEA operation on the input data.

The right half of DK, DKR, is derived as follows:

· Use the inverse of the rightmost 16 digits of the dispersion data as the input data;

· Use MK as the encryption key;

· Use MK to perform a 3DEA operation on the input data.
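The two-key 3DES construction of section 3.1 and the dispersion step of section 3.2, applied twice as a root-to-master-to-work cascade, written here as an added Go example using the standard library's crypto/des; it is not code from the paper. Assumptions: the 16 digits are packed as 8 BCD bytes, the right-half step is taken to mean the bitwise complement of the data, and the function names and sample values are hypothetical.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"fmt"
)

// ede builds two-key 3DES for MK = KL||KR; Go wants K1||K2||K3, so K3 = KL.
func ede(mk [16]byte) cipher.Block {
	c, err := des.NewTripleDESCipher(append(mk[:], mk[:8]...))
	if err != nil {
		panic(err) // unreachable: the key is always 24 bytes
	}
	return c
}

// Encrypt3DES computes Y = DES(KL, DES^-1(KR, DES(KL, X))) on one block.
func Encrypt3DES(mk [16]byte, x [8]byte) (y [8]byte) {
	ede(mk).Encrypt(y[:], x[:])
	return
}

// Decrypt3DES computes X = DES^-1(KL, DES(KR, DES^-1(KL, Y))).
func Decrypt3DES(mk [16]byte, y [8]byte) (x [8]byte) {
	ede(mk).Decrypt(x[:], y[:])
	return
}

// Disperse derives DK = DKL||DKR from MK and 8 bytes of dispersion data.
// DKL encrypts the data; DKR encrypts its bitwise complement (assumed reading).
func Disperse(mk [16]byte, data [8]byte) (dk [16]byte) {
	inv := data
	for i := range inv {
		inv[i] = ^inv[i]
	}
	l, r := Encrypt3DES(mk, data), Encrypt3DES(mk, inv)
	copy(dk[:8], l[:])
	copy(dk[8:], r[:])
	return
}

func main() { // all values below are constructed samples, not real keys
	root := [16]byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
	regionID, cardNo := [8]byte{0, 0, 0, 0, 0, 0, 0, 1}, [8]byte{0x62, 0, 0, 0, 0x12, 0x34, 0x56, 0x78}
	master := Disperse(root, regionID) // level 1: root key -> master key
	work := Disperse(master, cardNo)   // level 2: master key -> work key
	fmt.Printf("master=%X\nwork=%X\n", master, work)
}
```

Because each level's key is a one-way function of the level above and a dispersion factor, a lower-level card never needs to hold the key it was derived from.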

3.3 Original Key Generation Algorithm

Step 1: Input SeedA and SeedB: each of two independent persons enters a number of 16 digits (or fewer) as SeedA and SeedB respectively;

Step 2: Calculate SeedC: SeedC = SeedA ◎ SeedB;

Step 3: Initialize the key seed:

· KeyInit = constant

· Seed = DES^-1(DES(DES^-1(KeyInit, SeedC), SeedB), SeedA)

· Set K3 = Seed

Step 4: Generate the key seed:

· K0 = DES^-1(DES(DES^-1(K3, SeedC), SeedB), SeedA) K3

· K1 = DES^-1(DES(DES^-1(K0, SeedC), SeedB), SeedA)

· K2 = DES^-1(DES(DES^-1(K1, SeedC), SeedB), SeedA)

· K3 = DES^-1(DES(DES^-1(K2, SeedC), SeedB), SeedA)

Step 5: Key seed test:

· K4 = K0 + K2 is not a weak DES key;

· K5 = K1 + K3 is not a weak DES key;

· K4 is not equal to K5;

Step 6: Master key generation:

· A = K0 K1

· B = K2 K3

· MK = A + B. MK is the generated original key.

Repeat steps 4 to 6 until all the original keys are generated.

The system adopts a mature and secure encryption algorithm and a sound architecture. Its security is guaranteed by the security of the CPU card and the full strength of the DES algorithm. More than two years of practical operation by a Chinese organization have shown that the system implements the principle that "the secret lies in the key" well and is highly complete and advanced, mainly in the following respects:

(1) Using a complete CPU card as the medium for key generation, storage, and transmission ensures the security of key data. The unique security system of the CPU card ensures that data in the card cannot be operated on illegally;

(2) Hardware encryption technology is used to encrypt the temporary variables used throughout the process, and transmission uses line encryption, ensuring the security of the production and transmission processes;

(3) The hierarchical transmission structure makes the system scalable. It supports both independent systems and distributed systems;

(4) The system has a self-healing function that backs up key data, giving the system a certain resistance to damage;

(5) The system structure is simple, easy to implement, and cost-effective.
