Abstract:
Aiming at security requirement of key synchronization management between Hardware Security Modules(HSMs) in parallel cryptographic server, this paper constructs a key management security model of cryptographic server cluster system, and proposes four protocols for key synchronization management, including the initial protocol of key cryptographic in cryptographic server cluster, the protocol of cryptographic-key generation and management, the establishment protocol of initial key environment in every cryptographic processor of cluster and the key cryptographic management protocol of new HSM. Security analysis on the protocol is given.
Key words:
key management,
security module,
cryptographic server,
parallel process
摘要: 针对并行密码服务器在安全模块之间实现密钥同步时面临的系统内部安全问题,建立密码服务系统密钥同步管理的安全模型,从工程化角度对安全模块间密钥同步协议进行设计与实现,包括密码服务器密钥同步初始化协议、同步主密钥的生成与管理协议、密钥初始化环境建立协议、新HSM的密钥同步协议4个子协议,给出协议的安全性分析。
关键词:
密钥管理,
安全模块,
密码服务器,
并行处理
CLC Number:
RONG Xiao-Feng, CAO Zi-Jian, ZHOU Li-Hua. Key Synchronization Management Protocol of Parallel Cryptographic Server[J]. Computer Engineering, 2010, 36(11): 131-133.
容晓峰, 曹子建, 周利华. 并行密码服务器的密钥同步管理协议[J]. 计算机工程, 2010, 36(11): 131-133.