With the continuous development of network security technologies, the requirement for network security technology also becomes higher and higher. Cryptology is a core technology of network and information security, and in the modern cryptology, security is based on key protection instead of algorithm secrecy, thus key protection management is most important for information security. The key management includes key generation, storage, distribution, etc., and the key distribution is a critical issue of the key management. In a system based on symmetric cryptography, in order to solve the problem of key distribution, a key distribution server is usually available, and each of the two parties to be communicated in the system has a shared key with the key distribution server, and a shared key for protecting communication between both parties is established through message exchanging.
During actual applications, the following situation usually occurs: one or more shared keys Kas are available between a client node and a verification server, and one or more shared keys Kbs are available between a third party equipment and the verification server. However, when a message interaction needs to be carried out between the client node and the third party equipment, a shared key Kab shall exist between the client node and the third party equipment, so as to give a security protection to the message interaction between the client node and the third party equipment. Thus, the verification server shall generate the shared key Kab between the client node and the third party equipment, and distribute the Kab to the client node and the third party equipment, so that the client node and the third party equipment can acquire the Kab. For example, in the network architecture as shown in FIG. 1, a Home EAP server, which is used as the verification server, shall generate a shared key between an EAP client node and a local authentication server.
In the prior art, the process of key distribution is mainly as follows: a client node sends to a third party equipment a key distribution request including a client node identification IDa and a third party equipment identification IDb; after receiving the key distribution request, the third party equipment sends to a verification server the key distribution request including the client node identification IDa and the third party equipment identification IDb; after receiving the key distribution request sent by the third party equipment, the verification server generates a shared key Kab by using keying materials, such as a shared key Kas between the client node and the verification server, a character string Label related to the purpose of the Kab, the client node identification IDa, the third party equipment identification IDb, key length, etc., and sends to the third party equipment a portion formed by encrypting the generated Kab, IDa, IDb, and Kab lifetime with the Kbs, and a portion that generates MIC from the generated Kab, IDa, IDb and Kab lifetime by using the Kas; the third party equipment decrypts the encrypted portion with the Kbs, so as to acquire the Kab, and forwards to the client node a portion to which an integrity protection is given by using the Kas; the client node carries out an integrity verification for partial information forwarded from the third party equipment by using the Kas, and acquires the Kab when the verification succeeds.
During the process of implementing the present invention, the inventor finds that the prior art has at least the following problem:
As the keying materials used by the verification server to generate the shared key Kab are all constant parameters, the Kab cannot be changed in the lifetime of the Kab, even if the Kab is leaked, and hence the security of key distribution is decreased.