Title of invention: Asymmetric-computing type shared key establishing method suitable for cloud computing and IoT
Abstract: An asymmetric-computing type shared key establishing method suitable for cloud computing and IoT has the following advantages. The realization efficiency and the security level are high, and a cryptographic algorithm coprocessor is not needed. The method can be applied to occasions in which the computing capabilities are asymmetric, and attacks from quantum computers can be resisted. Compared with a conventional key exchange protocol such as the Diffie-Hellman key exchange protocol, the method can be more effective between servers and mobile equipment in security fields such as the IoT and cloud computing, and the method can be used in both the electronic environment and the quantum environment. Thus, the asymmetric-computing type shared key establishing method suitable for cloud computing and IoT provided by the invention can be widely applied to the field of information security systems such as network security and e-commerce.
Publication number: US9548860(B2) Publication date: 2017.01.17
Application number: US201514724809 Filing date: 2015.05.29
Applicant: Wuhan University Inventors: Zhang Huanguo; Mao Shaowu; Wang Houzhen; Wu Wanqing; Liu Jinhui; Jia Jianwei
Classification: H04L9/08 Main classification: H04L9/08
Agency: Wang Law Firm, Inc. Agent: Wang Law Firm, Inc.
Main claim: 1. An asymmetric-computing type shared key establishing method suitable for cloud computing and IoT, performing by mobile device A and server B each of which has a processor and a memory, and computation capability of the mobile device A being less than computation capability of the server B, the asymmetric-computing type shared key establishing method comprising the following steps: setting an ergodic matrix $Q \in F_q^{n \times n}$, selecting $x_1, \ldots, x_m \in F_q^{n}$ and $\underline{x}_1, \ldots, \underline{x}_m \in F_q^{n}$ randomly and uniformly, computing $Q_1 = Q^{x_1}, \ldots, Q_m = Q^{x_m}$ and $\underline{Q}_1 = Q^{\underline{x}_1}, \ldots, \underline{Q}_m = Q^{\underline{x}_m}$ in $F_q^{n \times n}$, and using $Q_1 = Q^{x_1}, \ldots, Q_m = Q^{x_m}$ and $\underline{Q}_1 = Q^{\underline{x}_1}, \ldots, \underline{Q}_m = Q^{\underline{x}_m}$ as public parameters, wherein $Q_1 = Q^{x_1}, \ldots, Q_m = Q^{x_m}$ are irreversible pairwise in $F_q^{n \times n}$, and $\underline{Q}_1 = Q^{\underline{x}_1}, \ldots, \underline{Q}_m = Q^{\underline{x}_m}$ are irreversible pairwise in $F_q^{n \times n}$; establishing a shared key by the mobile device A and the server B in the following steps that: mobile device A selects $r = (r_1, \ldots, r_m) \in \{0,1\}^m$ $\left(\mathrm{wt}(r) = \lfloor \tfrac{m}{2} \rfloor\right)$ randomly and uniformly, uses $r$ as a private key, and computes $\prod_{i=1}^{m} Q_i^{r_i}$ and $\prod_{i=1}^{m} \underline{Q}_i^{r_i}$ in $F_q^{n \times n}$; server B selects $k, l \in F_q^{n}$ and $M \in F_q^{n \times n}$ randomly and uniformly, uses $k, l, M$ as a private key, and computes $(Q_1^{k} M \underline{Q}_1^{l}, \ldots, Q_m^{k} M \underline{Q}_m^{l})$; mobile device A transmits $\left(\prod_{i=1}^{m} Q_i^{r_i}, \prod_{i=1}^{m} \underline{Q}_i^{r_i}\right)$ to server B; server B transmits $(Q_1^{k} M \underline{Q}_1^{l}, \ldots, Q_m^{k} M \underline{Q}_m^{l})$ to mobile device A; mobile device A computes a shared key $\prod_{i=1}^{m} \left(Q_i^{k} \otimes_q M \otimes_q \underline{Q}_i^{l}\right)^{r_i}$ by utilizing the private key thereof; server B computes a shared key $\left[\prod_{i=1}^{m} Q_i^{r_i}\right]^{k} \otimes_q M^{\lfloor m/2 \rfloor} \otimes_q \left[\prod_{i=1}^{m} \underline{Q}_i^{r_i}\right]^{l}$ by utilizing the private key thereof; obtaining a shared key $\prod_{i=1}^{m} Q_i^{k r_i} \otimes_q M^{\lfloor m/2 \rfloor} \otimes_q \prod_{i=1}^{m} \underline{Q}_i^{l r_i}$ by the mobile device A and the server B via negotiation according to a secret key negotiation protocol, the negotiation in mobile device A being accomplished within a required time; performing data communication between the mobile device A and the server B, the data being encrypted by a sender among the mobile device A and the server B, and then decrypted by a recipient among the mobile device A and the server B, both with the shared key $\prod_{i=1}^{m} Q_i^{k r_i} \otimes_q M^{\lfloor m/2 \rfloor} \otimes_q \prod_{i=1}^{m} \underline{Q}_i^{l r_i}$; and encrypting outgoing data stream using the shared key and establishing a secure communication in cloud computing and IoT environment, wherein, the symbol "$\otimes_q$" represents the tensor product in the finite field, and matrix multiplications also work in finite field.
Address: Wuhan CN