摘要: 提出了一种入侵容忍的密钥分发方案。在该方案中,密钥的生成由若干服务器通过秘密共享机制协作完成,每个服务器并不知道所生成的密钥,只持有其秘密份额。密钥分发的过程同样基于秘密共享实现,由用户获取各服务器所持有的秘密份额进行恢复从而获取密钥。分析表明,该方案中不存在唯一失效点,即使一定数量的服务器被攻击者控制后,系统仍然可以完成密钥分发。
关键词:
入侵容忍,
秘密共享,
密钥生成,
密钥分发
Abstract: This paper proposes an intrusion-tolerant key distribution scheme. In the scheme, several servers work together in secret share protocol to generate key, and every server only has a shadow. Key distribution is accomplished with secret share scheme. User recovers key from shadows which servers hold. Analysis shows that every honest user can get a key in the scheme, even if a minority of the servers malfunction or misbehave.
Key words:
intrusion-tolerant,
secret share,
key generation,
key distribution
中图分类号:
周洪伟;原锦辉;郭渊博. 一种入侵容忍的密钥分发方案[J]. 计算机工程, 2007, 33(24): 168-169.
ZHOU Hong-wei; YUAN Jin-hui; GUO Yuan-bo. Intrusion-tolerant Key Distribution Scheme[J]. Computer Engineering, 2007, 33(24): 168-169.