Disclosure of Invention
In view of the above, it is necessary to provide a method and system for updating a key pool.
A method for updating a key pool, implemented at a client provided with a key fob, the key pool being stored in the key fob, the method comprising:
generating a data file, wherein the data file comprises an update request parameter and a first random number, and the first random number is used for a server to extract a client public key;
signing the data file with a client private key, that is, encrypting the digest of the data file (the data file after the hash operation) with the client private key to obtain a digital signature;
encrypting the data file and the digital signature by using a server public key to obtain a first encrypted message, wherein the server public key is extracted by combining a second random number generated by the key fob and the key pool;
and sending the first encrypted message and the second random number to a server, for the server to initiate key pool updating after verification.
In this embodiment, one server corresponds to a plurality of clients, both the server and the clients have key fobs, all the client key fobs are issued by the server, and the public key and the private key are stored in the key fobs. The server key fob is provided with two key pools, namely a client asymmetric key pool (a public key pool) and a server asymmetric key pool (a private key pool); the client key fob is provided with a client asymmetric key pool (public key pool), a server asymmetric key pool (public key pool) and a client private key; the client asymmetric key pool (public key pool) stores the public keys of all clients, the server asymmetric key pool (private key pool) stores the private keys of the server, and the server asymmetric key pool (public key pool) stores the public keys of the server. The client asymmetric key pool (public key pool) holds a public key for each client, and the storage position of each public key pk is determined by a public key pointer random number r; alongside each pk a pk generation time Tpk is stored, where Tpk is the time at which the server acquired the pk, that is, Tpk is determined by the server. The public key pointer random number r also serves as the client's ID.
The public and private keys in the key fob are used for signing and encrypting in the process of updating the key pool at the client, so that the confidentiality and the reliability of the messages are ensured. The key pool is always located in the key fob, which is an independent hardware-isolated device, so the possibility of keys being stolen by malware or malicious operations is greatly reduced.
In one embodiment, the method further comprises the following steps: receiving an encrypted update file from the server, wherein the update file is generated after the server verifies the first encrypted message, the update file contains a digital signature of the update message, the second random number and the update message, and the update message contains the data file and an update result; and parsing the update message and updating the key pool after the digital signature of the update message passes verification.
In one embodiment, the method for verifying the digital signature of the update message comprises the following steps:
decrypting the encrypted update file using a client private key;
extracting a server public key by using the second random number and the key fob, and decrypting the digital signature of the update message by the server public key to obtain an update message digest;
and comparing the digest value computed from the update message contained in the update file with the decrypted update message digest; if they match, the digital signature of the update message is authenticated.
In one embodiment, when the update request parameter includes the client public key, the client public key generation time, and the new client public key, the method for parsing the update message includes: comparing the client public key and the client public key generation time in the update request parameter with the client public key and the client public key generation time stored in the key fob, and updating the client public key pool after they are determined to be equal.
In one embodiment, when the update request parameter includes the public key pointer random number of the communication client and the generation time of the public key of the communication client, the method for parsing the update message includes:
replacing the public key of the communication client and its public key update time recorded in the key fob with the new public key and the new public key generation time in the update result.
A method for updating a key pool implemented at a server provided with a key fob, the key pool being stored in the key fob, the method comprising:
receiving a first encrypted message and a second random number, wherein: the first encrypted message is obtained by encrypting a data file and a digital signature by using a server public key;
extracting a server private key by combining the second random number with a key pool in the key fob, and decrypting the first encrypted message by using the server private key to obtain the data file and the digital signature, wherein: the data file comprises an update request parameter and a first random number, and the first random number is used for the server to extract a client public key; the digital signature is obtained by encrypting the digest of the data file by using a client private key;
and parsing the data file to initiate key pool updating after the digital signature verification, performed with the client public key extracted by means of the first random number, is passed.
In one embodiment, the method further comprises the following steps: generating an update file, wherein the update file comprises an update message, a second random number and a digital signature of the update message, and the update message comprises a data file and an update result;
encrypting the digest of the update message by using a server private key to obtain the digital signature of the update message, wherein the server private key is extracted by combining the second random number generated by the key fob and the key pool;
encrypting the update file by using the client public key of the client to obtain an encrypted update file;
and sending the first random number and the encrypted update file to the client, so that the client updates its key pool after verification.
In one embodiment, when the update request parameter includes the client public key, the client public key generation time, and the new client public key, the step of parsing the data file includes:
comparing the client public key and the client public key generation time stored in the server key fob with the client public key and the client public key generation time in the obtained update request parameter, and, after they are determined to be equal, initiating key pool update by the server.
In one embodiment, when the update request parameter includes the public key pointer random number of the communication client and the generation time of the public key of the communication client, parsing the data file includes:
comparing the generation time of the public key of the communication client in the obtained update request parameter with the generation time of the public key of the communication client recorded in the server key fob; if the generation times are equal, the public key of the communication client does not need to be replaced.
A key pool updating system comprises a client and a server, wherein the client and the server are both provided with key fobs, the key pool is stored in the key fobs, the client sends a first encrypted message and a second random number to the server, and the server decrypts the first encrypted message by using the second random number, wherein the first encrypted message is a data file and a digital signature encrypted by using a server public key, the server public key is extracted by combining the second random number generated by the key fob and the key pool, the data file comprises an update request parameter and a first random number, and the first random number is used for the server to extract a client public key; the digital signature is obtained by encrypting the digest of the data file with the private key of the client, and the server parses the data file to initiate key pool updating after the digital signature verification, performed with the client public key extracted by means of the first random number, is passed.
In the above method and system for updating a key pool, the client and the server are both equipped with a key fob, the key pool is stored in the key fob, the client sends a first encrypted message and a second random number to the server, and the server decrypts the first encrypted message using the second random number, where the first encrypted message is a data file and a digital signature encrypted using a server public key, the server public key is extracted by combining the second random number generated by the key fob with the key pool, the data file includes an update request parameter and a first random number, and the first random number is used for the server to extract a client public key; the digital signature is obtained by encrypting the digest of the data file with the client private key, and the server parses the data file to initiate key pool updating after the digital signature verification, performed with the client public key extracted by means of the first random number, is passed. The public and private keys of the client, and the public and private keys corresponding to the different clients at the server, are stored in a key fob; a public key and a private key in the key fob are selected for the computation according to the random numbers, and the public key and the private key never leave the key fob during the whole computation. Since the key fob is an independent hardware-isolated device, the possibility of keys being stolen by malicious software or malicious operations is greatly reduced.
Detailed Description
In the embodiment of the invention, one server corresponds to a plurality of clients, the server and the clients are provided with key fobs, all the client key fobs are issued by the server, and a public key and a private key are stored in the key fobs.
The server key fob is provided with two key pools, namely a client asymmetric key pool (a public key pool) and a server asymmetric key pool (a private key pool);
the client key fob is provided with a client asymmetric key pool (public key pool), a server asymmetric key pool (public key pool) and a client private key;
the client asymmetric key pool (public key pool) stores the public keys of all clients, the server asymmetric key pool (private key pool) stores the private keys of the server, and the server asymmetric key pool (public key pool) stores the public keys of the server.
The client asymmetric key pool (public key pool) holds a public key for each client, and the storage position of each public key pk is determined by a public key pointer random number r; alongside each pk a pk generation time Tpk is stored, where Tpk is the time at which the server acquired the pk, that is, Tpk is determined by the server. The public key pointer random number r also serves as the client's ID.
In the following embodiments, the clients are client A and client B, each of which obtains a key fob from the issuer, and the server is S.
Example 1
Step 1.1: client A informs S that its client public key pkA needs to be updated
Client A combines its own public key pointer random number rA, namely the first random number, with the client public key pkA, the client public key generation time TpkA and the new client public key pkAnew to obtain rA || pkA || TpkA || pkAnew, and the combination is named the data file mA. The update request parameters include the client public key pkA, the client public key generation time TpkA and the new client public key pkAnew; when client A generates the new client public key pkAnew it also generates a new client private key skAnew.
Client A signs the data file mA with its client private key skA: mA is hashed with a hash algorithm to obtain the digest hmA, and the digest is encrypted with the client private key skA to obtain the digital signature {hmA}skA, named the digital signature sA. The server public key pkSA is then taken out of the corresponding key pool in the key fob using the public key pointer random number rSA corresponding to pkSA, namely the second random number; the digital signature sA and the data file mA are encrypted with the server public key pkSA to obtain the first encrypted message {mA || sA}pkSA, and the first encrypted message is combined with the second random number rSA to obtain rSA || {mA || sA}pkSA, which is sent to the server S.
Step 1.2: server S processes client A's request
After receiving the second random number and the first encrypted message rSA || {mA || sA}pkSA sent by client A, the server S obtains the server private key skSA corresponding to client A from the server asymmetric key pool (private key pool) of the server key fob according to the second random number rSA, decrypts the first encrypted message {mA || sA}pkSA with the server private key skSA to obtain the data file and digital signature mA || sA, and thereby obtains the digital signature sA and the data file rA || pkA || TpkA || pkAnew.
The client public key pkA of A is taken from the client asymmetric key pool (public key pool) of the server key fob according to the first random number rA, and the digital signature sA is verified with the client public key pkA: mA is hashed with the same hash algorithm as client A to obtain a new digest hmA', the digital signature sA is decrypted with the client public key pkA to obtain the old digest hmA, and the two digests are compared. If they are the same, the identity of client A is confirmed; otherwise the server S refuses to update the key.
The server records the current server time TpkAnew and parses the data file: it verifies whether the client public key pkA and the client public key generation time TpkA obtained by parsing the data file mA are equal to the client public key pkA and the client public key generation time TpkA taken out of the server key fob. If so, the client public key pkA in the key fob is replaced with the new client public key pkAnew, and the client public key generation time TpkA in the key fob is replaced with TpkAnew.
Step 1.3: server S sends the update result to client A as a response
The update message includes the data file and the update result: if the update succeeds, the update message mAS is mA || TpkAnew; if the update fails, the update message mAS is mA || ResultA, where ResultA is the cause of the update failure.
The server S signs the update message mAS with the server private key skSA, similarly to the signing process of client A in step 1.1, to obtain the signature {hmAS}skSA, named the digital signature sAS of the update message, where hmAS is the digest of the update message; the public key pointer random number of the server private key used for signing is rSA, the second random number. The server S encrypts the update file with the client public key pkA of client A to obtain the second encrypted message {mAS || rSA || sAS}pkA, where the update file comprises the update message mAS, the second random number rSA and the digital signature sAS of the update message, and then sends the first random number together with the second encrypted message, rA || {mAS || rSA || sAS}pkA, to client A.
Step 1.4: client A accepts the response of server S
After receiving the message rA || {mAS || rSA || sAS}pkA sent by the server S, client A decrypts the encrypted update file {mAS || rSA || sAS}pkA contained in it with the client private key skA to obtain the update file mAS || rSA || sAS.
The server public key pkSA is taken out of the key fob according to the second random number rSA, and the digital signature sAS of the update message is verified with the server public key pkSA. The verification process is similar to the signature verification performed by the server S in step 1.2, namely comparing the digest computed from the update message mAS in the update file mAS || rSA || sAS with the update message digest hmAS. If the verification fails, the key update fails and the process ends; if it succeeds, the next step is performed.
The update message mAS is parsed: if the result is ResultA, the update has failed, the reason for the failure can be checked, and the process ends; if the result is TpkAnew, then pkA, TpkA, pkAnew and TpkAnew are obtained.
Client A then verifies whether the client public key pkA and the client public key generation time TpkA obtained by parsing the update message mAS are equal to the client public key pkA and the client public key generation time TpkA taken out of the key fob. If so, the client public key pkA in the key fob is replaced with the new client public key pkAnew, and the client public key generation time TpkA in the key fob is replaced with TpkAnew. Client A also replaces the old client private key skA with the new client private key skAnew.
Example 2
Step 2.1: when client B needs to use the public key of communication client A, client B asks server S whether the communication client public key pkA of client A needs to be updated
Client B combines its own public key pointer random number rB, namely the first random number, the communication client public key pointer random number rA, and the generation time TpkA of the communication client public key pkA to obtain rB || rA || TpkA, named the data file mB. Including the generation time TpkA of the communication client public key reports to the server S the latest time that client B holds for the public key of communication client A, so that the server can be asked whether the communication client public key needs updating; the update request parameters thus comprise the communication client public key pointer random number rA and the communication client public key generation time TpkA.
Client B signs the data file mB with its client private key skB: the data file mB is hashed with a hash algorithm to obtain the digest hmB, and the digest is encrypted with the client private key skB to obtain the signature {hmB}skB, named the digital signature sB. The server public key pkSB is taken out of the key fob using the public key pointer random number rSB corresponding to pkSB, namely the second random number; the digital signature sB and the data file mB are encrypted with the server public key pkSB to obtain the first encrypted message {mB || sB}pkSB, and rSB || {mB || sB}pkSB, obtained by combining the first encrypted message with the second random number rSB, is sent to the server S.
Step 2.2: server S processes client B's request
After receiving the message rSB || {mB || sB}pkSB sent by client B, the server S obtains the server private key skSB corresponding to client B from the server asymmetric key pool (private key pool) of the server key fob according to the public key pointer random number rSB, namely the second random number, and decrypts the first encrypted message {mB || sB}pkSB with the server private key skSB to obtain mB || sB, thereby obtaining the digital signature sB and the data file rB || rA || TpkA.
The client public key pkB of client B is taken out of the client asymmetric key pool (public key pool) of the server key fob according to the first random number rB, and the digital signature sB is verified with the client public key pkB: the data file mB is hashed with the same hash algorithm as client B to obtain a new digest hmB', the digital signature sB is decrypted with the client public key pkB to obtain the old digest hmB, and the two digests are compared. If they are the same, the identity of client B is confirmed; otherwise the server S refuses to reply to the message.
The server S then checks whether the communication client public key needs updating: the generation time TpkA' of the communication client public key is taken out of the server key fob according to the communication client public key pointer random number rA obtained by parsing the data file mB, and TpkA' is compared with the communication client public key generation time TpkA obtained by parsing the data file mB. If they are equal, the public key of client A does not need to be replaced; if they are not equal, it needs to be replaced.
Step 2.3: server S sends the update result to client B as a response
If the public key of client A needs to be updated, the update message mBS is set to mB || pkAnew || TpkAnew; if it does not, the update message mBS is set to mB || ResultB, where ResultB states that the public key of client A does not need to be updated.
The server S signs the update message mBS with the server private key skSB, similarly to the signing process of client B in step 2.1, to obtain the signature {hmBS}skSB, named the digital signature sBS of the update message, where hmBS is the digest of the update message; the public key pointer random number of the private key used for signing is rSB, the second random number. The server S encrypts the update file with the client public key pkB to obtain the second encrypted message {mBS || rSB || sBS}pkB, where the update file comprises the update message mBS, the second random number rSB and the digital signature sBS of the update message, and then sends the first random number together with the second encrypted message, rB || {mBS || rSB || sBS}pkB, to client B.
Step 2.4: client B accepts the response of server S
After receiving the message rB || {mBS || rSB || sBS}pkB sent by the server S, client B decrypts the second encrypted message {mBS || rSB || sBS}pkB contained in it with the client private key skB to obtain the update file mBS || rSB || sBS.
The server public key pkSB is taken out of the key fob according to the second random number rSB, and the digital signature sBS of the update message is verified with the server public key pkSB; the verification process is similar to the signature verification performed by the server S in step 2.2. If the verification fails, the key update fails and the process ends; if it succeeds, the next step is performed.
The update message mBS is parsed: if the result is ResultB, no update is needed and the process ends; if pkAnew and TpkAnew are obtained, the communication client public key pkA and the public key update time TpkA recorded in the key fob are replaced with the new public key pkAnew and the new public key generation time TpkAnew from the update result, namely pkA in the key fob is replaced with pkAnew and TpkA with TpkAnew.
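The two examples above, modelled in Python as an added illustration (not code from the patent): toy RSA over constructed Mersenne primes stands in for the "encrypt the digest with the private key" signature, key pools are dicts keyed by the pointer random number r, and the server-public-key envelope around each signed file is left out so that the pointer lookups, the signature checks and the (pk, Tpk) equality tests are what the code shows. All pointer values, times and key sizes are constructed.

```python
import hashlib

# Toy RSA over fixed Mersenne primes (constructed, far too small for real use) standing in for
# the patent's "hash the file, then encrypt the digest with the private key" signature.
PRIMES = [2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1, 2**521 - 1, 2**607 - 1]
E = 65537

def toy_keypair(i):
    """Return (public key (n, e), private key (n, d)) built from prime pair i of PRIMES."""
    p, q = PRIMES[2 * i], PRIMES[2 * i + 1]
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def serialize(*parts):
    """Length-prefixed concatenation standing in for the patent's 'a || b || c'."""
    return b"".join(len(b).to_bytes(4, "big") + b for b in (repr(x).encode() for x in parts))

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(sk, data):          # {h(m)}sk in the patent's notation
    n, d = sk
    return pow(digest(data) % n, d, n)

def verify(pk, data, sig):   # decrypt the signature with pk and compare with a fresh digest
    n, e = pk
    return pow(sig, e, n) == digest(data) % n

# A key pool is a dict r -> (pk, Tpk): the pointer random number r doubles as the client ID.
def client_own_key_request(pool, skA, rA, pkAnew):
    """Step 1.1: mA = rA || pkA || TpkA || pkAnew, signed with the current skA."""
    mA = (rA, *pool[rA], pkAnew)
    return mA, sign(skA, serialize(*mA))

def server_process_own_key_update(pool, mA, sA, now):
    """Step 1.2: fetch pkA by rA, verify sA, then require (pkA, TpkA) to match the pool."""
    rA, pkA, TpkA, pkAnew = mA
    if not verify(pool[rA][0], serialize(*mA), sA):
        return ("reject", "signature invalid")
    # A stale request cites an old (pkA, TpkA) pair; it mismatches and is refused instead of
    # silently overwriting the current key. A replay after rotation already fails above.
    if pool[rA] != (pkA, TpkA):
        return ("fail", "ResultA: pkA/TpkA do not match the server pool")
    pool[rA] = (pkAnew, now)
    return ("ok", now)

def client_apply_own_key_update(pool, mA, TpkAnew):
    """Step 1.4: the same equality check on the client fob before swapping in pkAnew."""
    rA, pkA, TpkA, pkAnew = mA
    if pool[rA] != (pkA, TpkA):
        return False
    pool[rA] = (pkAnew, TpkAnew)
    return True

def client_peer_key_query(pool, skB, rB, rA):
    """Step 2.1: mB = rB || rA || TpkA reports the TpkA that B currently holds for A."""
    mB = (rB, rA, pool[rA][1])
    return mB, sign(skB, serialize(*mB))

def server_process_peer_key_query(pool, mB, sB):
    """Step 2.2: verify sB with pkB; reply pkAnew || TpkAnew only if B's TpkA is stale."""
    rB, rA, TpkA = mB
    if not verify(pool[rB][0], serialize(*mB), sB):
        return ("reject", "signature invalid")
    return ("ok", "ResultB: no update needed") if TpkA == pool[rA][1] else ("ok", pool[rA])

def run_examples():
    """Constructed run: Example 1 (A renews pkA), a replay of it, then Example 2 from B."""
    (pkA, skA), (pkAnew, _skAnew), (pkB, skB) = toy_keypair(0), toy_keypair(1), toy_keypair(2)
    rA, rB = 1111, 2222                               # constructed pointer random numbers
    server = {rA: (pkA, 1000), rB: (pkB, 1000)}       # Tpk values are constructed times
    fobA, fobB = dict(server), dict(server)           # all client fobs are issued by the server
    mA, sA = client_own_key_request(fobA, skA, rA, pkAnew)
    status, TpkAnew = server_process_own_key_update(server, mA, sA, now=2000)
    replay, _ = server_process_own_key_update(server, mA, sA, now=3000)
    applied = client_apply_own_key_update(fobA, mA, TpkAnew)
    mB, sB = client_peer_key_query(fobB, skB, rB, rA)
    _, reply = server_process_peer_key_query(server, mB, sB)
    fobB[rA] = reply                                  # step 2.4: B replaces pkA/TpkA
    return status, replay, applied, fobB[rA] == (pkAnew, 2000)
```

The replayed request is refused because the server now fetches pkAnew by rA, so the old signature no longer verifies; a stale but freshly signed request would instead fail the (pkA, TpkA) comparison.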
The above embodiments may be applied to a key pool update system, where the key pool update system includes a client and a server, where the client and the server are both equipped with a key fob and the key pool is stored in the key fob, and is characterized in that the client sends a first encrypted message and a second random number to the server, and the server decrypts the first encrypted message using the second random number, where the first encrypted message is a data file and a digital signature encrypted using a server public key, the server public key is extracted by combining the second random number generated by the key fob with the key pool, the data file includes an update request parameter and a first random number, and the first random number is used for the server to extract a client public key; the digital signature is obtained by encrypting the digest of the data file with the private key of the client, and the server parses the data file to initiate key pool updating after the digital signature verification, performed with the client public key extracted by means of the first random number, is passed.
In the invention, the public and private keys of the client, and the public and private keys corresponding to the different clients at the server, are stored in the key fob; the public key and the private key in the key fob are selected for the computation according to the asymmetric key pointer random number, and the public key and the private key never leave the key fob during the whole computation. The public and private keys in the key fob are used for signing and encrypting in the process of updating the key pool at the client, so that the confidentiality and the reliability of the messages are ensured. The key pool is always located in the key fob, which is a separate hardware-isolated device, so the potential for keys being stolen by malware or malicious operations is greatly reduced.
In the present invention, the asymmetric key pool is taken as an example to explain how to safely update the data of the asymmetric key pool. The present invention can also be used to update other data in the key fob, such as a pool of symmetric keys, user shared data, and the like.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.