CN103179129A - Remote attestation method based on cloud computing infrastructure as a service (IaaS) environment - Google Patents

Publication number: CN103179129A
Authority: CN (China)
Prior art keywords: module, request, cloud computing, challenger, remote attestation
Legal status: Granted
Application number: CN2013101073062A
Other languages: Chinese (zh)
Other versions: CN103179129B (en)
Inventors: 刘发贵, 张晓杰, 杨阳, 王亮明
Current Assignee: South China University of Technology SCUT
Original Assignee: South China University of Technology SCUT
Application filed by: South China University of Technology SCUT
Priority to: CN201310107306.2A
Landscapes: Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a remote attestation method based on a cloud computing infrastructure as a service (IaaS) environment. The method is realized by an identity authentication module, a remote attestation module and a trusted platform standard measurement value version update module. The identity authentication module comprises an attestation identity key (AIK) certificate request module, a Privacy CA certificate issuing module and an AIK request process verification module; the remote attestation module comprises a communication module between the challenger and the attested party, and a communication module between the challenger and a trusted configuration server. The beneficial effect of the method is that a remote attestation process is added before a normal communication channel is established between virtual machines, so that a connection is permitted only if remote attestation shows that the virtual machine (VM) to be communicated with is trusted. On one hand, the method can perform identity authentication and remote attestation on the attested party; on the other hand, the attested party can update its version when the platform changes, which finally realizes practical remote attestation in a cloud computing IaaS environment.

Description

A remote attestation method based on a cloud computing IaaS environment
Technical field
The present invention relates to the field of trusted computing, and in particular to a remote attestation method based on a cloud computing IaaS environment.
Background
With the development of information technology, more and more novel and practical technologies have appeared in computing, and cloud computing is one of them. Industry, academia and government all pay close attention to its development, and cloud computing has become one of today's hot topics. Cloud computing relies on the Internet to pool large amounts of storage, software and computing resources into a large-scale shared warehouse of virtual IT resources, and provides remote cloud users with information services that meet their needs. From another perspective, cloud computing significantly reduces the operating cost and usage cost of IT services, speeds up service deployment and makes services more convenient. In short, cloud computing skilfully combines virtualization technology, on-demand deployment, online access to services, and the composition of services with one another.
The rapid growth of cloud computing has also brought many critical problems. Security problems are especially prominent and have become a key factor restricting the development of cloud computing. Compared with earlier technologies, cloud computing environments make heavy use of virtualization, which raises two kinds of problems: first, virtualization introduces specific security risks of its own, and how to secure the virtualization layer is a significant difference between cloud computing security and traditional security; second, cloud computing represents a change in the way computing is used, so the security requirements of the terminal, the network and the server side have all changed accordingly, and traditional protection measures no longer meet the needs of cloud computing.
Many methods and ideas for solving cloud computing security problems have emerged. Applying trusted computing technology in cloud computing environments to solve the security problems encountered in cloud applications is a major focus of cloud security research. Trusted computing is a new information system security technology: by establishing a specific integrity measurement mechanism, it gives a running computing platform the ability to distinguish trusted program code from untrusted program code, so that effective defences and countermeasures can be established against untrusted platforms. Like other security measures, the overall goal of trusted computing is to improve the security of computers; its main goals at the present stage are to guarantee the integrity of system data and to provide secure data storage, platform identity and trusted remote attestation.
Summary of the invention
Against the background of rapidly developing cloud computing and trusted computing technology, the present invention integrates trusted computing into cloud computing and, combined with virtualization technology, provides a remote attestation method based on a cloud computing IaaS environment in order to solve the security problems between virtual domains in such an environment. The invention is realized through the following technical solution:
A remote attestation method based on a cloud computing IaaS environment is realized by an identity authentication module, a remote attestation module and a version update module. The identity authentication module comprises: an AIK certificate request module, used by the applicant to establish a connection, prepare the request message, and receive and activate the certificate; a Privacy CA certificate issuing module, used by the Privacy CA to accept the request, verify it, and sign and issue the certificate; and an AIK request process verification module, used to verify whether the AIK request is valid. The remote attestation module comprises: a communication module between the challenger and the attested party, used by the challenger to send a request to the attested party and obtain the attested party's platform measurement list and files; and a communication module between the challenger and the trusted configuration server, used by the challenger to send a request to the trusted configuration server and obtain the attested party's measurement values and measurement list.
In the above solution, the trusted platform measurement value version update module comprises: a mutual authentication module, in which the attested party and the trusted configuration server each send a random number encrypted with a public key in order to authenticate each other and agree on a session key; a remote attestation module, in which the attested party sends its measurement values and measurement list to the trusted configuration server for remote attestation; and a measurement value and list update module, in which, after remote attestation has passed, the attested party updates the information held on the trusted configuration server by sending the new measurement values and measurement list.
The AIK certificate request module comprises the following steps: first, the AIK certificate request message is assembled and encrypted using TSS programming. Then the AIK certificate requester sends the request message to the Privacy CA.
The Privacy CA certificate issuing module comprises the following steps: the Privacy CA first decodes the request message and then uses the verification module to verify the request. The Privacy CA then sends the AIK certificate message to the applicant. Finally, after the applicant receives the message and completes a series of activation and verification steps, it can use the AIK certificate.
The communication module between the challenger and the attested party encrypts the session with a symmetric key.
The communication module between the challenger and the trusted configuration server uses a series of random number exchanges together with encryption and decryption to prevent messages from being repeated or confused, so that the two parties verify each other's identity.
Compared with the prior art, the beneficial effects of the invention are:
1. To meet the requirement of a cloud computing IaaS environment for TPM virtualization, the vTPM is integrated with the trusted components. 2. Identity attestation is based on the vTPM. This identity attestation is the basis of platform state attestation, for which it provides the AIK certificate and the AIK key encryption means. 3. Remote attestation is based on the vTPM. The communication security protocol guarantees confidentiality, integrity and non-repudiation for message transmission, and can detect messages that are sent repeatedly. 4. Version update of trusted platform measurement values. The update scheme solves the problem that trusted platform measurement values are hard to update.
In short, the invention adds a remote attestation process before two virtual machines establish a normal communication channel; a connection is allowed only when remote attestation shows that the VM to be communicated with is trusted. On one hand, the invention can perform identity authentication and remote attestation on the attested party; on the other hand, the attested party can update its version when the platform changes, which finally realizes practical remote attestation in a cloud computing IaaS environment.
 
Description of the drawings
Fig. 1 is a schematic diagram of the composition of an application system of the invention.
Fig. 2 is a schematic diagram of the design flow of the identity authentication module in the embodiment.
Fig. 3 is a schematic diagram of the remote attestation communication protocol between the challenger and the attested party.
Fig. 4 is a schematic diagram of the remote attestation communication protocol between the challenger and the trusted third party.
Fig. 5 is a schematic diagram of the trusted platform measurement value version update protocol.
Embodiment
The content above fully discloses how the invention is realized; examples of the invention are described further below with reference to the drawings.
Embodiment one
A remote attestation method based on a cloud computing IaaS environment comprises an identity authentication module, a remote attestation module and a trusted platform measurement value version update module. The identity authentication module comprises: an AIK certificate request module, used by the applicant to establish a connection, prepare the request message, and receive and activate the certificate; a Privacy CA certificate issuing module, used by the Privacy CA to accept the request, verify it, and sign and issue the certificate; and an AIK request process verification module, used to verify whether the AIK request is valid. The remote attestation module comprises: a communication module between the challenger and the attested party, used by the challenger to send a request to the attested party and obtain the attested party's platform measurement list and files; and a communication module between the challenger and the trusted configuration server, used by the challenger to send a request to the trusted configuration server and obtain the attested party's measurement values and measurement list. Fig. 1 is a schematic diagram of the composition of an application system of the invention. The invention adds a remote attestation process before two virtual machines establish a normal communication channel; a connection is allowed only when remote attestation shows that the VM to be communicated with is trusted. On one hand, the invention can perform identity authentication and remote attestation on the attested party; on the other hand, the attested party can update its version when the platform changes, which finally realizes practical remote attestation in a cloud computing IaaS environment.
Fig. 2 is a schematic diagram of the flow of the identity authentication module. The identity authentication module comprises the AIK certificate request module, the Privacy CA certificate issuing module and the AIK request process verification module, which is used to verify whether the AIK request is valid. The AIK certificate request module works as follows: first, the AIK certificate request message is assembled and encrypted using TSS programming. Then the AIK certificate requester sends the request message to the Privacy CA. The Privacy CA certificate issuing module comprises the following steps: the Privacy CA first decodes the request message and then uses the verification module to verify the request. The Privacy CA then sends the AIK certificate message to the applicant. Finally, after the applicant receives the message and completes a series of activation and verification steps, it can use the AIK certificate.
The remote attestation module comprises the communication module between the challenger and the attested party, and the communication module between the challenger and the trusted configuration server:
Fig. 3 is a schematic diagram of the remote attestation communication protocol between the challenger and the attested party. The symbols used in Fig. 3 for the communication module between the challenger and the attested party are:
CR: Challenge Request, the challenger's request
AR: Attested Response, the attested party's response
E: Encrypt
D: Decrypt
H: Hash (take the hash value)
||: concatenation of two messages
C: Challenger
A: Attested System (the attested party)
C_pub: public key of the Challenger
C_pri: private key of the Challenger
A_pub: public key of the Attested System
A_pri: private key of the Attested System
Fig. 4 is a schematic diagram of the remote attestation communication protocol between the challenger and the trusted third party. The specific flow in the communication module between the challenger and the attested party is:
1. Take the hash of CR to obtain {CR}H.
2. Sign the output of step 1, {CR}H, with the Challenger's private key to obtain {{CR}H}C_pri.
3. Concatenate CR with the output of step 2 to obtain {CR, {{CR}H}C_pri}.
4. Encrypt the output of step 3 with the Attested System's public key to obtain {CR, {{CR}H}C_pri}A_pub.
5. Decrypt with A_pri to obtain CR and {{CR}H}C_pri.
6. Take the hash of CR to obtain {CR}H' (same as step 1).
7. Decrypt {{CR}H}C_pri with C_pub to obtain {CR}H.
8. Compare the outputs of steps 6 and 7 to verify the integrity of CR (whether it has been tampered with or forged).
The symbols used in Fig. 4 for the communication module between the challenger and the trusted configuration server are:
cmd: command code (request standard configuration)
n_T: random number generated by the Trusted Config Server (trusted configuration server)
n_C: random number generated by the Challenger
K_CT: session key (symmetric) for the communication between the two parties
X_pub, X_pri: the public key and private key of X, respectively
LogReq: the standard configuration request message produced from the measurement log sent by the attested party
ConfigResponse: the standard configuration response message generated according to the request message sent by the challenger
In Fig. 4, the specific flow of the communication module between the challenger and the trusted configuration server is:
1. The challenger (C) generates a random number n_C, encrypts it with the public key of the trusted configuration server (T), and sends it to T together with the command code.
2. After T receives message 1, it determines from the command code that the challenger is requesting the standard configuration server, and enters the request response stage. T decrypts with its own private key to obtain n_C, generates a new random number n_T, encrypts with C's public key and sends the result to C.
3. After C decrypts message 2, it first verifies whether n_C is the random number C has just sent. If verification passes, n_T is encrypted with T's public key and sent to C.
4. After T decrypts message 3, it verifies whether n_T is the random number T has just generated. If verification passes, T generates the session key K_CT for this communication (a symmetric key), encrypts it with C's public key and sends it to C.
5. The challenger receives and decrypts the message to obtain the session key K_CT, then uses K_CT to encrypt the standard configuration value request and sends it to T.
6. T decrypts message 5 with K_CT to obtain the standard configuration request information, looks up the local standard configuration database according to this information, assembles the response message, encrypts it with K_CT and sends it to C.
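The two exchanges above, sketched as an added example (not code from the patent): the signed and encrypted challenge request of steps 1 to 8, and messages 1 to 4 of the nonce handshake with the trusted configuration server, including rejection of a replayed message 3. The textbook RSA on fixed Mersenne primes, SHA-256, the 128-bit nonces, the message framing and all function names are assumptions chosen so the sketch runs on the standard library; message 3 is delivered to T, since step 4 has T decrypting it, and the command code is left out.

```python
import hashlib
import secrets

E = 65537  # public exponent


def toy_keypair(p_exp, q_exp):
    """Textbook RSA key from two Mersenne primes (constructed for this
    example: no padding, not secure). Returns (public, private)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


def rsa(key, m):
    """Raw RSA: public key encrypts/verifies, private key decrypts/signs."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("value out of range for this key")
    return pow(m, exp, n)


def to_int(b):
    return int.from_bytes(b, "big")


def to_bytes(i):
    return i.to_bytes((i.bit_length() + 7) // 8, "big")


C_PUB, C_PRI = toy_keypair(521, 607)     # challenger C
T_PUB, T_PRI = toy_keypair(127, 1279)    # trusted configuration server T
A_PUB, A_PRI = toy_keypair(2203, 2281)   # attested party A


def build_challenge(cr, c_pri, a_pub):
    """Challenger, steps 1-4 of the challenge request exchange."""
    digest = hashlib.sha256(cr).digest()              # 1: {CR}H
    sig = to_bytes(rsa(c_pri, to_int(digest)))        # 2: {{CR}H}C_pri
    # 3: CR || signature; marker byte and 2-byte length are assumed framing
    framed = b"\x01" + len(cr).to_bytes(2, "big") + cr + sig
    return rsa(a_pub, to_int(framed))                 # 4: {...}A_pub


def open_challenge(ct, a_pri, c_pub):
    """Attested party, steps 5-8. Returns CR, or None if the check fails."""
    framed = to_bytes(rsa(a_pri, ct))                 # 5: decrypt with A_pri
    cr_len = to_int(framed[1:3])
    cr, sig = framed[3:3 + cr_len], to_int(framed[3 + cr_len:])
    if sig >= c_pub[0]:
        return None                                   # cannot be C's signature
    expected = to_int(hashlib.sha256(cr).digest())    # 6: {CR}H'
    recovered = rsa(c_pub, sig)                       # 7: {CR}H from signature
    return cr if recovered == expected else None      # 8: compare 6 and 7


class ConfigServer:
    """T's side of handshake messages 1-4."""

    def __init__(self, t_pri, c_pub):
        self.t_pri, self.c_pub = t_pri, c_pub
        self.n_t = self.k_ct = None

    def on_msg1(self, msg1):
        n_c = rsa(self.t_pri, msg1)                   # recover n_C
        self.n_t = secrets.randbits(128)              # fresh n_T for this run
        return rsa(self.c_pub, (n_c << 128) | self.n_t)   # message 2

    def on_msg3(self, msg3):
        n_t, self.n_t = self.n_t, None                # each n_T is usable once
        if n_t is None or rsa(self.t_pri, msg3) != n_t:
            return None                               # stale or replayed
        self.k_ct = secrets.randbits(128)             # session key K_CT
        return rsa(self.c_pub, self.k_ct)             # message 4


def challenger_handshake(server, c_pri, t_pub):
    """C's side. Returns (K_CT, message 3) so a caller can test a replay."""
    n_c = secrets.randbits(128)
    msg2 = server.on_msg1(rsa(t_pub, n_c))            # message 1 out, 2 back
    echoed, n_t = divmod(rsa(c_pri, msg2), 1 << 128)
    if echoed != n_c:
        raise ValueError("n_C mismatch: reply is not for this run")
    msg3 = rsa(t_pub, n_t)                            # message 3
    msg4 = server.on_msg3(msg3)
    if msg4 is None:
        raise ValueError("server rejected message 3")
    return rsa(c_pri, msg4), msg3


if __name__ == "__main__":
    cr = b"CR: send platform measurement list"        # constructed request
    print(open_challenge(build_challenge(cr, C_PRI, A_PUB), A_PRI, C_PUB))
    key, m3 = challenger_handshake(ConfigServer(T_PRI, C_PUB), C_PRI, T_PUB)
    print(hex(key))
```

A deployment would replace the raw RSA calls with a padded scheme from a maintained cryptographic library; the flow of checks stays the same.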
Fig. 5 is a schematic diagram of the trusted platform measurement value version update protocol. The symbols used in the trusted platform measurement value version update module are:
Attested System (A): the trusted platform, which is also the attested party in binary attestation
Trusted Config Server (T): the third-party trusted configuration server
cmd: command code (request standard configuration)
name: the trusted platform's identification number
n_T: random number generated by the Trusted Config Server (trusted configuration server)
n_A: random number generated by the Attested System (the attested party)
K_AT: session key (symmetric) for the communication between the two parties
X_pub, X_pri: the public key and private key of X, respectively
PCR: the PCR value sealed with the AIK key
Measure Log: the measurement log of A
OK: the permission message from T to A once remote attestation has passed
NEW MList: the new list of standard measurement values
In Fig. 5, the specific flow of the trusted platform measurement value version update module is:
1. A sends a version update request to T; the request message contains the command code cmd and the platform identifier name.
2. After T receives A's version update request, it searches the trusted platform "name - public key" mapping database, finds the public key corresponding to A, uses this public key to encrypt a random number n_T generated by the TPM, and sends it to A.
3. A decrypts packet 2 with its own private key to obtain n_T, generates a random number n_A, encrypts with T's public key, and sends the result to T.
4. T decrypts packet 3 with its own private key to obtain n_T and n_A, and checks whether n_T matches the random number T itself generated. If it matches, T generates a symmetric session key K_AT and sends it to A together with n_A.
5. A decrypts packet 4 with its own private key to obtain n_A and K_AT, and checks whether n_A matches the random number A itself generated. If it matches, A uses K_AT to encrypt its current PCR value and measurement log, and sends them to T.
6. T decrypts packet 5 with K_AT to obtain A's PCR value and measurement log, and carries out the remote attestation step on A. After attestation passes, T sends a permission packet (OK packet) to A.
7. After A receives the permission packet, it uses K_AT to encrypt the new measurement list standard values and sends them to T.
8. T decrypts packet 7 with K_AT to obtain the new measurement list standard values and appends them to the end of the measurelist.
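T's side of steps 6 to 8, as an added example (not code from the patent): the measurement log is replayed to recompute the PCR, each entry is checked against the standard measurement list, and only after that check passes are the new values appended. The SHA-1 extend rule of a TPM 1.2 style PCR, the log format of (name, digest) pairs, the sample data and all names are assumptions; decrypting the packets with K_AT is left out.

```python
import hashlib

PCR_RESET = bytes(20)  # assumed TPM 1.2 style PCR: 20 zero bytes after reset


def measure(content):
    """Measurement value of one component (SHA-1, as a TPM 1.2 PCR uses)."""
    return hashlib.sha1(content).digest()


def replay(log):
    """Recompute the PCR by extending it with every log entry in order:
    PCR_new = SHA1(PCR_old || measurement)."""
    pcr = PCR_RESET
    for _name, digest in log:
        pcr = hashlib.sha1(pcr + digest).digest()
    return pcr


def attest(reported_pcr, log, reference):
    """Step 6 on T: the log must reproduce the reported PCR, and every
    entry must appear in T's standard measurement list."""
    if replay(log) != reported_pcr:
        return False, "log does not reproduce the reported PCR"
    for name, digest in log:
        if (name, digest) not in reference:
            return False, "unknown measurement: " + name
    return True, "OK"


def handle_update(reported_pcr, log, new_mlist, reference):
    """Steps 6-8 on T: attest A's current state first; only after OK are
    the new standard values appended to the end of the list."""
    ok, reason = attest(reported_pcr, log, reference)
    if ok:
        additions = [e for e in new_mlist if e not in reference]
        reference.extend(additions)
    return ok, reason


# Constructed sample data: A upgrades its kernel from v1 to v2.
BOOT = ("bootloader", measure(b"bootloader v1"))
KERNEL_V1 = ("kernel", measure(b"kernel v1"))
KERNEL_V2 = ("kernel", measure(b"kernel v2"))
REFERENCE = [BOOT, KERNEL_V1]      # T's standard list before the update
CURRENT_LOG = [BOOT, KERNEL_V1]    # what A runs when it asks to update
UPGRADED_LOG = [BOOT, KERNEL_V2]   # what A will run after the upgrade

if __name__ == "__main__":
    ref = list(REFERENCE)
    print(attest(replay(UPGRADED_LOG), UPGRADED_LOG, ref))   # before update
    print(handle_update(replay(CURRENT_LOG), CURRENT_LOG, [KERNEL_V2], ref))
    print(attest(replay(UPGRADED_LOG), UPGRADED_LOG, ref))   # after update
```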
The above implements the invention well and obtains the technical effects described in the summary of the invention; the implementation and the scope of protection of the invention are not limited to the above embodiment.

Claims (6)

1. A remote attestation method based on a cloud computing IaaS environment, characterized in that it is realized by an identity authentication module, a remote attestation module and a version update module,
the identity authentication module comprising:
an AIK certificate request module, used by the applicant to establish a connection, prepare the request message, and receive and activate the certificate;
a Privacy CA certificate issuing module, used by the Privacy CA to accept the request, verify it, and sign and issue the certificate;
an AIK request process verification module, used to verify whether the AIK request is valid;
the remote attestation module comprising:
a communication module between the challenger and the attested party, used by the challenger to send a request to the attested party and obtain the attested party's platform measurement list and files;
a communication module between the challenger and the trusted configuration server, used by the challenger to send a request to the trusted configuration server and obtain the attested party's measurement values and measurement list.
2. The remote attestation method based on a cloud computing IaaS environment according to claim 1, characterized in that the trusted platform measurement value version update module comprises:
a mutual authentication module, in which the attested party and the trusted configuration server each send a random number encrypted with a public key in order to authenticate each other and agree on a session key;
a remote attestation module, in which the attested party sends its measurement values and measurement list to the trusted configuration server for remote attestation;
a measurement value and list update module, in which, after remote attestation has passed, the attested party updates the information held on the trusted configuration server by sending the new measurement values and measurement list.
3. The remote attestation method based on a cloud computing IaaS environment according to claim 1, characterized in that the AIK certificate request module comprises the following steps: first, the AIK certificate request message is assembled and encrypted using TSS programming; then the AIK certificate requester sends the request message to the Privacy CA.
4. The remote attestation method based on a cloud computing IaaS environment according to claim 1, characterized in that the Privacy CA certificate issuing module comprises the following steps: the Privacy CA first decodes the request message and then uses the verification module to verify the request; the Privacy CA then sends the AIK certificate message to the applicant; finally, after the applicant receives the message and completes a series of activation and verification steps, it can use the AIK certificate.
5. The remote attestation method based on a cloud computing IaaS environment according to claim 1, characterized in that the communication module between the challenger and the attested party encrypts the session with a symmetric key.
6. The remote attestation method based on a cloud computing IaaS environment according to claim 1, characterized in that the communication module between the challenger and the trusted configuration server uses a series of random number exchanges together with encryption and decryption to prevent messages from being repeated or confused, so that the two parties verify each other's identity.

Application number: CN201310107306.2A
Priority date: 2013-03-29
Filing date: 2013-03-29
Title: A remote attestation method based on a cloud computing IaaS environment
Status: Active
Publications: CN103179129A (published 2013-06-26); CN103179129B (published 2016-04-13)
Family ID: 48638752
Country status: CN (1), CN103179129B (en)
