Search

CN-114221768-B - Method and system for proving that key pair is protected by hardware

CN114221768BCN 114221768 BCN114221768 BCN 114221768BCN-114221768-B

Abstract

The invention relates to a method and a system for proving that a key pair is protected by hardware, belonging to the fields of cryptography and information security. When the equipment needs to disclose to an external entity that the key pair generated for the application system is generated in the hardware security environment, the hardware security environment outputs the key certification certificate chain to replace the public key output in the traditional technology. The cryptographic proof can be given to the fact that the key pair is generated in the hardware security environment and the hardware security environment generating the key pair is truly and credible, and the proof can be verified only by using the root certificate of the equipment manufacturer, so that the cost is reduced.

Inventors

  • LIU YALEI
  • LI BO

Assignees

  • 北京握奇数据股份有限公司

Dates

Publication Date
20260512
Application Date
20211109

Claims (8)

  1. 1. A method of proving that a key pair is hardware protected for supporting a single business application or supporting multiple business applications on the same device, comprising the steps of: The method comprises the steps of (1) completing the issuance and injection of a hardware security environment certificate before leaving a factory of equipment with a hardware security environment, executing the step (2) and the step (5) when a single business application is supported, and executing the step (3), the step (4) and the step (5) when a plurality of business applications are supported; (2) In the using stage, when the equipment needs to generate a service key pair for an application system in a hardware security environment, the hardware security environment issues a key to prove a certificate according to a certificate request and generates a certificate chain; (3) When the equipment is initialized, the equipment generates an application domain key pair in a hardware security environment, and issues an application domain certificate by using a hardware security environment certificate; (4) In the using stage, when the equipment needs to generate a service key pair for an application system in a hardware security environment, the hardware security environment issues a key certification certificate according to an application domain certificate and generates a certificate chain; (5) The key in the certificate chain proves the public key of the certificate, i.e. the public key of the newly generated service key pair.
  2. 2. A method of proving that a key pair is protected by hardware, as claimed in claim 1, wherein, when supporting a single business application, in step (1), the device with a hardware security environment performs issuance and injection of a hardware security environment certificate before shipment, specifically, Before leaving the factory, generating a hardware security environment key pair and a certificate request in the hardware security environment of the equipment, issuing a hardware security environment certificate for the certificate request by using the root certificate of the equipment manufacturer, and injecting the hardware security environment certificate into the hardware security environment of the equipment.
  3. 3. A method of proving that a key pair is protected by hardware as claimed in claim 1, wherein, when a single business application is supported, in step (2), the hardware security environment issues a key proving certificate when the device needs to generate a business key pair for an application system in the hardware security environment, in particular, The hardware security environment firstly generates a service key pair, a certificate request is generated, a key certification certificate is issued for the newly generated certificate request by using a hardware security environment certificate injected before leaving a factory, and a certificate chain is generated, wherein a public key in the key certification certificate, namely a public key in the newly generated service key pair.
  4. 4. A method of proving that a key pair is protected by hardware, as claimed in claim 1, wherein, when supporting a plurality of business applications, in step (1), the device with a hardware security environment is required to complete issuance and injection of a hardware security environment certificate before shipment, specifically, Before leaving the factory, generating a hardware security environment key pair and a first certificate request in the hardware security environment of the equipment, issuing a hardware security environment certificate to the first certificate request by using the root certificate of the equipment manufacturer, and injecting the hardware security environment certificate into the hardware security environment of the equipment.
  5. 5. A method of proving that a key pair is protected by hardware as defined in claim 1, wherein, when supporting a plurality of business applications, in step (3), the hardware security environment generates an application domain key pair and issues an application domain certificate based on the hardware security environment certificate, in particular, In a hardware security environment, generating an application domain key pair and a second certificate request; In the hardware security environment, the application domain certificate is issued to the second certificate request by using the hardware security environment certificate and stored in the hardware security environment.
  6. 6. A method of proving that a key pair is protected by hardware as claimed in claim 1, wherein, when a plurality of business applications are supported, in step (4), said in the use phase, when the device needs to generate a business key pair for an application system in a hardware security environment, the hardware security environment issues a key certificate and generates a certificate chain based on an application domain certificate, in particular, In a hardware security environment, generating a service key pair and a third certificate request; in the hardware security environment, the application domain certificate is used for requesting to issue a key to prove the certificate and generating a certificate chain to be stored in the hardware security environment.
  7. 7. A method of proving that a key pair is protected by hardware as claimed in any one of claims 1 to 5, wherein the hardware security environment is a trusted execution environment and/or a secure element, and the application domain corresponds to one or more applications of a service provider.
  8. 8. A system for proving that a key pair is protected by hardware, comprising a hardware security environment on a device, an application APP on the device and an application system, characterized in that the key proving is performed by a method according to any of claims 1-7.

Description

Method and system for proving that key pair is protected by hardware Technical Field The invention belongs to the fields of cryptography and information security, and particularly relates to a method and a system for generating an asymmetric key pair and providing key generation certification to the outside, wherein the key generation certification and the key generation certification are generated in a hardware security environment. Background Common applications of public key cryptography (also known as asymmetric cryptography) in the field of information security include: 1) The data encryption comprises the steps that a first party generates a pair of public and private keys and discloses the public keys to a second party, the second party encrypts confidential information by using the public keys of the first party and then sends the confidential information to the first party; 2) The data signing method comprises the steps that a first party generates a pair of public and private keys and discloses the public keys to a second party, the first party signs confidential information by using the private keys of the first party and then sends the confidential information to the second party, and the second party verifies the signature of data sent by the first party by using the public keys of the first party. In public key cryptography, a party is typically required to generate a pair of public and private keys, the public key being public to other parties, while the private key is kept secret from the other parties. In an application scenario with high requirements for security, an asymmetric key pair is usually generated and confidential information is processed in a special hardware security environment (such as a security chip, a trusted execution environment and the like), and a private key and other confidential information are protected from illegal access or leakage by the hardware security environment. At this time, it is important to confirm whether the key used in the system is generated by the legal hardware security environment: 1) In the data encryption scenario, if a key pair of an information receiver is generated in an unsafe environment, confidential information encrypted by a public key of the key pair may be decrypted in the unsafe environment, and the confidential information may be revealed; 2) In the context of data signing, if a signer's key pair is generated in an unsecure environment, its private key may be used unauthorized, and the non-repudiation of the signature may be compromised (not resistant to repudiation). Thus, when public key cryptography is used in high security systems, it may be necessary to prove whether a key pair is generated within a legitimate hardware security environment to ensure that confidential information in the system is always protected by the hardware security environment and that signatures in the system are non-repudiatable. In the prior art, a security chip is used on a mobile intelligent terminal to generate a non-paired key pair, and a public key is bound and transmitted with information such as a unique identifier of the security chip, a unique identifier of the terminal and the like to describe a security environment for generating the key pair. However, this approach is non-cryptographic proof that the identity associated with the public key may be tampered with during transmission. Or when the mobile intelligent terminal is provided with an embedded security chip supporting GP Java card specification in the prior art, a security channel can be established after the security chip is authenticated with an external entity, and operations such as key pair generation, private key signature, private key decryption and the like controlled to be executed in the security channel can be ensured to be completed inside the security chip. However, only the external entity having the security domain key can establish a secure channel with the security chip, and other parties cannot verify the generation location of the key pair through the mechanism described above. On the other hand, managing and storing security domain root keys in the system adds additional costs. Disclosure of Invention In view of the shortcomings of the prior art, it is an object of the present invention to provide a method and system for proving that a key pair is protected by hardware. The method and system overcome the disadvantages of the prior art, prove that the key pair used in the system is generated in the hardware security environment, and prove the authenticity of the hardware security environment in which the key pair is generated. To achieve the above object, the present invention provides a method for proving that a key pair is protected by hardware, for supporting a single service application on the same device, comprising the steps of: (1) The equipment with the hardware security environment needs to complete the issuing and injection of the hardware security environm