A New Key Negotiation Mechanism Based on Digital Certificate

This paper analyzes the shortcomings of the traditional mechanism of cryptographic key negotiation between gateway and terminal, and proposes a new key negotiation mechanism based on digital certificate. This method presets the root certificate and authenticates the encryption key and decryption key of the protection key in the gateway and terminal in advance. It utilizes root certificates to verify the validity of terminal and gateway certificates, confirming the legitimacy of certificates and effectively preventing the possibility of counterfeit certificates. The dispersion technology is used to disperse the preset key first, and then the distributed sub-key is used to encrypt the random number, preventing the security of the whole system from being threatened after the master key is cracked. Finally, an effective combination of asymmetric algorithms and symmetric algorithms is used for session key negotiation and confirmation between the gateway and the terminal. Thus, after mutual authentication between the gateway and the terminal, the session key is obtained.