| 摘要 |
A system (200) for configuring a network device (300) for key sharing is provided, and a first (300) and second network device configured to determine a shared key between them. The system comprises a key material obtainer (210) for obtaining in electronic form a public global reduction polynomial (216, N(t)), a first private set of bivariate polynomials (212, ƒi(,)), and a second private set of reduction polynomials (214, Qi(t)), with each bivariate polynomial in the first set a reduction polynomial of the second set being associated, and a polynomial manipulation unit (220) for computing a univariate private key polynomial (228) from the first and second private sets by mapping an identity number (A) of the network device to an identity polynomial, obtaining a set of univariate polynomials by for each particular polynomial of the first private set, substituting the identity polynomial (A) into said particular polynomial ƒi(A,) and reducing modulo the reduction polynomial associated with said particular polynomial, and summing the set of univariate polynomials, the system is configured for electronically storing the generated univariate private key polynomial (228, 236) and the public global reduction polynomial (216, N(t)) at the network device. The first network device stores the univariate private key polynomial (312) and the public global reduction polynomial (314, N(t)) and its identity number (310, A). The first network device derives a shared key from mapping the identity number of a second network device to an identity polynomial, substituting the identity polynomial into the univariate private key polynomial and reducing the result of the substituting modulo the public global reduction polynomial (N(t)). |
