CN104243493A - Network identity authentication method and system - Google Patents
Network identity authentication method and system Download PDFInfo
- Publication number
- CN104243493A CN104243493A CN201410532212.4A CN201410532212A CN104243493A CN 104243493 A CN104243493 A CN 104243493A CN 201410532212 A CN201410532212 A CN 201410532212A CN 104243493 A CN104243493 A CN 104243493A
- Authority
- CN
- China
- Prior art keywords
- time
- information
- client
- server end
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses a network identity authentication method and system. The network identity authentication method includes that a client side processes first time and first information, encrypts to form second information and sends the second information and a user identity to a server side; the server side receives the user identity and the second information, acquires the first time by decrypting the second information and performs preliminary authentication; after preliminary authentication is completed, the server side encrypts second time to acquire third information; the server side judges whether time difference of the first time and the second time is smaller than a preset value or not, if yes, authentication of the client side by the server side is successful, and the third information is sent to the client side; the client side decrypts the third information to acquire the second time; the client side calculates time difference of the first time and the second time, and if the time difference is smaller than the preset value, authentication of the server side by the client side is successful. By the network identity authentication method and system, preliminary authentication and bidirectional identity authentication of the client side and the server side are realized, and the problem of safe storing of a secret key is avoided.
Description
Technical field
The present invention relates to network safety filed, particularly relate to the method and system of network ID authentication.
Background technology
Along with the development of the Internet, increasing people start to attempt online transaction.But the deliberate threats such as virus, hacker, phishing and Phishing swindle, bring great challenge to the fail safe of online transaction.The network crime emerged in an endless stream, causes the trust crisis of people to network identity, how certification true identity in network trading, and the problem such as prevent that identity from falsely using becomes again the focus that people pay close attention to.
At present, network ID authentication technology mainly adopts public key cryptography.When public key cryptography refers to and communicates between first, second two users on the computer network; transmit leg first is not stolen by third party to protect the cleartext information that will transmit; key A is adopted to be encrypted information and to form ciphertext M and send to recipient's second; recipient's second another key B is decrypted the ciphertext M received, and obtains the method that the careful literary composition of cleartext information is communication objective.Due in key A, these two keys of key B wherein one being that user is privately owned, another so this information encryption transmission mode, is just called public key cryptography disclosed in the public users on network being.
For public key algorithm, its key and algorithm separate, and therefore there is the safety problem of key storage.
Summary of the invention
Object of the present invention, proposes a kind of method and system that can realize network ID authentication exactly.
Technical scheme of the present invention comprises the steps:
The S1 client process very first time and the first information also encrypt generation second information, and the second information and user ID are sent to server end;
S2 received server-side, to described user ID and described second information, obtains the described very first time by deciphering and processing described second information, and carries out preliminary certification;
After the preliminary certification of S3 completes, server end obtains the 3rd information to the encryption of the second time;
S4 server end judges whether the time difference of the described very first time and described second time is less than preset value, and if so, then server end is to client certificate success, sends the 3rd information to client, otherwise authentification failure;
The 3rd information that S5 client decrypts server end sends obtained for the second time;
S6 client calculates the time difference of the described very first time and described second time, if the time difference is less than preset value, then client is to server-side certificate success, otherwise authentification failure.
Further preferably, the described very first time is the time that described client sends described second information; Described second time is the time of described received server-side to described second information.
Further preferably, the described first information adopts the first algorithm (such as hash algorithm, SM3 algorithm etc.) to calculate user ID and password password by client.
Further preferably, server end storage encryption algorithm, decipherment algorithm, the first key, the second key, described user ID and the described first information; Client stores encryption function and decryption function.
Further preferably, preliminary verification process in described step S2 is: server end also receives the user ID that client sends, and judge whether the described user ID received is present in described user ID archives, if, the then preliminary certification of completing user identity, continue to perform step S3, otherwise preliminary authentification failure, terminate certification.
Further preferably, described encryption function is produced described first key by described server end and it is combined with described cryptographic algorithm and generates; Described decryption function is produced described second key by described server end and it is combined with described decipherment algorithm and generates.
Present invention also offers a kind of system applying described network authentication method, comprising:
Client, the process very first time and the first information encrypt generation second information and send to server end, and, judge whether the time difference of the described very first time and described second time is less than preset value;
Server end, deciphers and processes described second information that described client sends, simultaneously to the second time encryption generation the 3rd information, and, judge whether the time difference of the described very first time and described second time is less than preset value.
Further preferably, the described first information adopts the first algorithm to calculate user ID and password password by described client.
Further preferably, described server end storage encryption algorithm, decipherment algorithm, the first key, the second key, user ID archives and the described first information; Described client stores encryption function and decryption function.
Network authentication method provided by the invention and system can bring following at least one beneficial effect:
1, the enciphering and deciphering algorithm adopted in the present invention and key merge, and regardless of algorithm and key, avoid the safety problem of key storage.
2, the encryption and decryption function of client is got by the key of the random generation of server end combination and enciphering and deciphering algorithm, so the algorithm of each client is different, the safety insert of a client reveals the overall security of not influential system.
3, client and server takes two-way authentication, effectively can prevent impersonation attack.
Accompanying drawing explanation
Below in conjunction with the drawings and specific embodiments, the present invention is described in further detail:
Fig. 1 is the schematic flow sheet of network authentication method embodiment in the present invention;
Fig. 2 is the schematic flow sheet of network identification system embodiment in the present invention.
Embodiment
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, to those skilled in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
As a specific embodiment of the present invention, Fig. 1 is the embodiment schematic flow sheet of network authentication method provided by the invention.The invention provides a kind of method of network ID authentication, comprise the steps:
The S1 client process very first time and the first information also encrypt generation second information, and the second information and user ID are sent to server end;
S2 received server-side, to described user ID and described second information, obtains the described very first time by deciphering and process described second information, and carries out preliminary certification;
After the preliminary certification of S3 completes, server end obtains the 3rd information to the encryption of the second time;
S4 server end judges whether the time difference of the described very first time and described second time is less than preset value, and if so, then server end is to client certificate success, sends the 3rd information to client, otherwise authentification failure;
The 3rd information that S5 client decrypts server end sends obtained for the second time;
S6 client calculates the time difference of the described very first time and described second time, if the time difference is less than preset value, then client is to server-side certificate success, otherwise authentification failure.
Improve embodiment one, obtain preferred embodiment two, wherein, the very first time (is designated as T
ui) be the current time that client is chosen, current time is encrypted.Client (is designated as M to the time after encryption and the first information
1) process after encrypt generation second information again and (be designated as M
2).Second time (was designated as T
si) the second information M of sending to client for received server-side
2the current time chosen afterwards.
Above-described embodiment is improved, obtains preferred embodiment three, wherein, first information M
1that client adopts the first algorithm to calculate user ID (being designated as uid) and password password (being designated as pw), the first algorithm adopted in the present invention is hash algorithm, calculate user ID uid and password password pw, obtain first information M
1for the hash function that safety is unidirectional, M
1=H (pw).In the present invention, each user has a unique user ID uid and corresponding password password pw.
Above-described embodiment is improved, obtain preferred embodiment four, wherein, server end storage encryption algorithm (being designated as E), decipherment algorithm (being designated as D), the first key (being designated as K), the second key (being designated as K '), user ID archives (being designated as List, the list for the user ID uid that server end is deposited) and first information M
1.First key K in conjunction with decipherment algorithm D be used for decipher client send encryption after very first time T
ui, the second key K ' and combining encryption algorithm E is used for the second time T that encryption server end is chosen
si.The user ID archives List that server end stores is a list storing all legitimate client user ID uid, by user ID uid is carried out mating the preliminary certification that can complete identity with user ID archives List.Client stores encryption function and (is designated as E
k), in order to the current very first time T chosen
uiwith first information M
1be encrypted, also store decryption function and (be designated as D
k '), be used for decryption server end send the 3rd information (be designated as M
3).
Above-described embodiment is improved, obtains preferred embodiment five, wherein, the encryption function E that client stores
kthat the first key K produced by server end is combined with the cryptographic algorithm E of its storage and generates.The decryption function D that client stores
k,the second key K produced by server end ' be combined with the decipherment algorithm D of its storage and generate.The encryption and decryption function that each client stores is not identical, is all generated in conjunction with random key and cryptographic algorithm by server end, therefore the overall security of the fail safe of one of them client not influential system after being destroyed.
Improve above-described embodiment, obtain preferred embodiment six, wherein, in step S2, the user ID uid that received server-side client sends, judges whether there is user ID uid in the user ID archives List that server end stores.If had, then judge that this user is as validated user, authentication success, continue to perform step S3, otherwise preliminary authentification failure, terminate certification.By increasing preliminary authentication, improve the fail safe of network ID authentication.
The verification process of a kind of network authentication method provided by the invention is specific as follows:
In step S1, user inputs user ID uid and password password pw.The user ID uid that client adopts the first algorithm and hash algorithm to input user and password code pw calculates, and obtains the hash function H (pw) that a safety is unidirectional, is designated as first information M
1.
Then, client chooses current time and very first time T
ui, by the encryption function E stored
kto very first time T
uiencryption, i.e. E
k(T
ui).Client is to the very first time T after encryption
uiwith first information M
1(M=H (pw)) carries out XOR process, obtains
the encryption function E of client again by storing
kxOR result is encrypted and obtains the second information M
2,
wherein T
uifor the very first time, pw is password password.
Then, the second information M of client user ID uid that user is inputted and generation
2send to server end.
In step S2, first server end receives user ID uid and the second information M of client transmission
2.
Then, server end uses decipherment algorithm D and the first key K to the second information M received
2be decrypted.
obtain
this is the very first time T after encryption
uiwith first information M
1result after XOR.This result and H (pw) are carried out XOR process by server end again,
obtain E
k(T
ui).Then, server end is again by decipherment algorithm D and the first key K deciphering E
k(T
ui), i.e. D
k(E
k(T
ui)), obtain very first time T
ui.
Then, server end carries out the preliminary certification of user identity.Its preliminary verification process is as follows: server end mates with the user ID archives List of storage the user ID uid received.Judge whether user annotation uid exists in its user ID archives stored, if uid ∈ is List, then illustrate that this user is for validated user, preliminary authentication success, otherwise certification terminates.
In step S3, after the preliminary certification of server end completing user identity, choose current time i.e. the second time T
si, encrypt the second time T by cryptographic algorithm E and the second key k '
sigenerate the 3rd information M
3, M
3=E
k' (T
si).
In step S4, the very first time T that server end secure processing device encrypts obtains
uithe the second time T chosen with it
sitime difference.If T
si-T
ui<10min (default preset value, depending on network delay, choosing preset value in the present invention is 10min, only as a preferred preset value of the present invention), then " server end is to client certificate success ", the 3rd information M that encryption generates by server end
3send to client.Otherwise authentification failure, terminates verification process.
In step S5, client receives the 3rd information M that server end sends
3, by using the decryption function D stored
k 'decipher the 3rd information M
3, D
k '(M
3)=D
k' (E
k '(T
si)), obtain the second time T
si.
In step S6, the second time T that client secure processing device encrypts obtains
sithe very first time T chosen with it
uitime difference, if T
si-T
ui<10min (default preset value, depending on network delay, choose 10 minutes in the present invention as a preferred preset value), then " client is to server-side certificate success ", otherwise authentification failure, terminates verification process.
Arrive this, the present invention completes the bidirectional identity authentication of client and server end.
Be illustrated in figure 2 the embodiment schematic flow sheet of network identification system provided by the invention.As a specific embodiment seven of the present invention, present invention also offers a kind of system using network authentication method, comprise client, the process very first time and the first information encrypt generation second information and send to server end, and, judge whether the time difference of the described very first time and described second time is less than preset value;
Also comprise server end, decipher and process described second information that described client sends, simultaneously to the second time encryption generation the 3rd information, and, judge whether the time difference of the described very first time and described second time is less than preset value.
Concrete, client first carries out XOR process to the very first time and the first information, then is encrypted generation second information by cryptographic algorithm to XOR result.Second information is sent to server end by client.
Received server-side to during the second information to the second decrypts information, obtain the very first time after encrypting and the result of first information XOR.Server end carries out XOR process again to this result, obtains the very first time after client encrypt.Server end is decrypted the very first time of encryption again, obtains the very first time.Meanwhile, server end is encrypted generation the 3rd information to the second time.Server end judges the time difference of the described very first time and the second time, if be less than preset value, then server is to client certificate success.3rd information is sent to client by server end.Client receives the 3rd information that server end sends, and obtains for the second time by deciphering the 3rd information.Client judges the time difference of the very first time and the second time, if be less than preset value, then client is to server-side certificate success, completes certification.
Improve embodiment seven, obtain preferred embodiment eight, wherein the first information adopts the first algorithm to calculate described user ID and password password by described client.In the present invention, the first algorithm that client adopts is hash algorithm, carries out calculating generating the unidirectional hash function of safety to user ID and password password, and hash function, has higher fail safe.Client carries out XOR process to the very first time and the first information.The result of encryption XOR generates the second information and sends to server end.Server end sends user ID to server end simultaneously, for the preliminary certification of server end.
Improve embodiment seven, obtain preferred embodiment nine, client stores encryption function and decryption function, and server end stores cryptographic algorithm, decipherment algorithm, the first key, the second key, user ID archives and the first information.Wherein, encryption function produces random first key combining encryption algorithm by server end and generates, and decryption function produces the second random key by server end to generate in conjunction with decipherment algorithm.User ID archives are the lists storing all legitimate client user ID, for the preliminary certification of user.
Concrete, the preliminary verification process of server end is as follows: user ID is sent to server end when transmission the second information by client simultaneously.Server end stores user ID archives and the first information.It, to user ID, mates with the user ID archives stored by received server-side, if user ID exists in its user ID archives stored, then preliminary authentication success, otherwise authentification failure, terminate certification.
The bi-directional authentication of network identification system provided by the invention employing when carrying out network ID authentication " server end is to client " and " client is to server end ".
Concrete, server end to the verification process of client is: server end judges whether the time difference of the very first time and the second time is less than preset value, and this preset value is by Operation system setting, determines according to network condition.If two time differences are less than preset value, then server end is to client certificate success, otherwise authentification failure, terminate certification.
Concrete, client to the verification process of server end is: client judges whether the time difference of the very first time and the second time is less than preset value, and this preset value is by Operation system setting, determines according to network condition.If two time differences are less than preset value, then client is to server-side certificate success, otherwise authentification failure, terminate certification.
A kind of network authentication method provided by the invention and system achieve preliminary certification and client-server end bidirectional identity authentication, and its algorithm and key seed merge, and avoid the problem that secret key safety is preserved.Meanwhile, because the encryption and decryption function of each client is different, the safety of a client can not have influence on the general safety of system.Therefore, the present invention has more excellent development prospect.
Be described in detail specific embodiments of the invention above, but the present invention is not restricted to specific embodiment described above, it is just as example.To those skilled in the art, any equivalent modifications that the present invention is carried out and substituting also all among category of the present invention.Therefore, not departing from the equalization conversion and amendment made under the spirit and scope of invention, all should contain within the scope of the invention.
Claims (9)
1. a network authentication method, is characterized in that, comprises step:
The S1 client process very first time and the first information also encrypt generation second information, and described second information and user ID are sent to server end;
Received server-side described in S2, to described user ID and described second information, obtains the described very first time by deciphering and processing described second information, and carries out preliminary certification;
After described in S3, preliminary certification completes, described server end obtains the 3rd information to the encryption of the second time;
Server end described in S4 judges whether the time difference of the described very first time and described second time is less than preset value, and if so, then described server end is to described client certificate success, and sends described 3rd information to described client, otherwise authentification failure;
Described 3rd information that described in S5, server end described in client decrypts sends obtains described second time;
Client described in S6 calculates the time difference of the described very first time and described second time, if the time difference is less than preset value, then described client is to described server-side certificate success, otherwise authentification failure.
2. network authentication method according to claim 1, is characterized in that:
The described very first time is the time that described client sends described second information;
Described second time is the time that described server end completes preliminary certification.
3. network authentication method according to claim 1, is characterized in that:
The described first information adopts the first algorithm to calculate described user ID and password password by described client.
4. network authentication method according to claim 1, is characterized in that:
Described server end storage encryption algorithm, decipherment algorithm, the first key, the second key, user ID archives and the described first information; Described client stores encryption function and decryption function.
5. network authentication method as claimed in any of claims 1 to 4, is characterized in that:
Described preliminary verification process in described step S2 is: the described user ID that described received server-side sends to described client, and judge whether the described user ID received is present in described user ID archives, if, the then preliminary certification of completing user identity, continue to perform step S3, otherwise preliminary authentification failure, terminates certification.
6. network authentication method as claimed in any of claims 1 to 4, is characterized in that:
Described encryption function is produced described first key by described server end and it is combined with described cryptographic algorithm and generates; Described decryption function is produced described second key by described server end and it is combined with described decipherment algorithm and generates.
7. a network identification system, is characterized in that, comprising:
Client, the process very first time and the first information are also encrypted generation second information and are sent to server end, and, judge whether the time difference of the described very first time and the second time is less than preset value;
Server end, deciphers and processes described second information that described client sends, simultaneously to described second time encryption generation the 3rd information, and, judge whether the time difference of the described very first time and described second time is less than preset value.
8. a kind of network identification system according to claim 7, is characterized in that:
The described first information adopts the first algorithm to calculate described user ID and password password by described client.
9. a kind of network identification system according to claim 7, is characterized in that:
Described server end storage encryption algorithm, decipherment algorithm, the first key, the second key, user ID archives and the described first information; Described client stores encryption function and decryption function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410532212.4A CN104243493A (en) | 2014-10-11 | 2014-10-11 | Network identity authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410532212.4A CN104243493A (en) | 2014-10-11 | 2014-10-11 | Network identity authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104243493A true CN104243493A (en) | 2014-12-24 |
Family
ID=52230842
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410532212.4A Pending CN104243493A (en) | 2014-10-11 | 2014-10-11 | Network identity authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104243493A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105978919A (en) * | 2016-07-29 | 2016-09-28 | 哈尔滨建筑云网络科技有限公司 | Verification processing method |
| CN106506529A (en) * | 2016-12-06 | 2017-03-15 | 上海众人网络安全技术有限公司 | A kind of mutual authentication method and system |
| WO2020001455A1 (en) * | 2018-06-26 | 2020-01-02 | 晋商博创(北京)科技有限公司 | Cpk-based linux operating system login authentication method, device, terminal and server |
| CN110730177A (en) * | 2019-10-18 | 2020-01-24 | 四川九州电子科技股份有限公司 | Remote authorization system and method |
| CN112367329A (en) * | 2020-11-17 | 2021-02-12 | 北京知道创宇信息技术股份有限公司 | Communication connection authentication method, communication connection authentication device, computer equipment and storage medium |
| CN113872979A (en) * | 2021-09-29 | 2021-12-31 | 北京高途云集教育科技有限公司 | Login authentication method and device, electronic equipment and computer-readable storage medium |
| CN114422153A (en) * | 2022-03-30 | 2022-04-29 | 深圳市重构网络科技有限公司 | Authority authentication method and system for improving payment security |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2004102918A2 (en) * | 2003-05-16 | 2004-11-25 | Certicom Corp. | Key agreement and transport protocol |
| CN101075874A (en) * | 2007-06-28 | 2007-11-21 | 腾讯科技(深圳)有限公司 | Certifying method and system |
| CN101917270A (en) * | 2010-08-03 | 2010-12-15 | 中国科学院软件研究所 | Weak authentication and key agreement method based on symmetrical password |
| CN103870525A (en) * | 2012-12-13 | 2014-06-18 | 株式会社日立解决方案 | Secure search processing system and secure search processing method |
| CN104079413A (en) * | 2014-07-14 | 2014-10-01 | 上海众人科技有限公司 | Enhancement type one-time dynamic password authentication method and system |
-
2014
- 2014-10-11 CN CN201410532212.4A patent/CN104243493A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2004102918A2 (en) * | 2003-05-16 | 2004-11-25 | Certicom Corp. | Key agreement and transport protocol |
| CN101075874A (en) * | 2007-06-28 | 2007-11-21 | 腾讯科技(深圳)有限公司 | Certifying method and system |
| CN101917270A (en) * | 2010-08-03 | 2010-12-15 | 中国科学院软件研究所 | Weak authentication and key agreement method based on symmetrical password |
| CN103870525A (en) * | 2012-12-13 | 2014-06-18 | 株式会社日立解决方案 | Secure search processing system and secure search processing method |
| CN104079413A (en) * | 2014-07-14 | 2014-10-01 | 上海众人科技有限公司 | Enhancement type one-time dynamic password authentication method and system |
Non-Patent Citations (2)
| Title |
|---|
| 任伟: "《现代密码学第2版》", 31 January 2014 * |
| 戴有炜: "《Windows Server2012网络管理与架站》", 30 April 2014 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105978919A (en) * | 2016-07-29 | 2016-09-28 | 哈尔滨建筑云网络科技有限公司 | Verification processing method |
| CN105978919B (en) * | 2016-07-29 | 2018-12-21 | 哈尔滨建筑云网络科技有限公司 | A kind of authentication processing method |
| CN106506529A (en) * | 2016-12-06 | 2017-03-15 | 上海众人网络安全技术有限公司 | A kind of mutual authentication method and system |
| WO2020001455A1 (en) * | 2018-06-26 | 2020-01-02 | 晋商博创(北京)科技有限公司 | Cpk-based linux operating system login authentication method, device, terminal and server |
| CN110730177A (en) * | 2019-10-18 | 2020-01-24 | 四川九州电子科技股份有限公司 | Remote authorization system and method |
| CN112367329A (en) * | 2020-11-17 | 2021-02-12 | 北京知道创宇信息技术股份有限公司 | Communication connection authentication method, communication connection authentication device, computer equipment and storage medium |
| CN112367329B (en) * | 2020-11-17 | 2023-05-02 | 北京知道创宇信息技术股份有限公司 | Communication connection authentication method, device, computer equipment and storage medium |
| CN113872979A (en) * | 2021-09-29 | 2021-12-31 | 北京高途云集教育科技有限公司 | Login authentication method and device, electronic equipment and computer-readable storage medium |
| CN113872979B (en) * | 2021-09-29 | 2023-11-24 | 北京高途云集教育科技有限公司 | Login authentication method, login authentication device, electronic equipment and computer readable storage medium |
| CN114422153A (en) * | 2022-03-30 | 2022-04-29 | 深圳市重构网络科技有限公司 | Authority authentication method and system for improving payment security |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106548345B (en) | Method and system for realizing block chain private key protection based on key partitioning | |
| CN101075874B (en) | Certifying method and system | |
| US8670563B2 (en) | System and method for designing secure client-server communication protocols based on certificateless public key infrastructure | |
| CN104243493A (en) | Network identity authentication method and system | |
| KR20190073472A (en) | Method, apparatus and system for transmitting data | |
| CN104243494B (en) | A kind of data processing method | |
| CN102710414B (en) | Randomized document block encryption method | |
| CN103763631A (en) | Authentication method, server and television | |
| CN109274502B (en) | Method and device for creating public key encryption and key signature and readable storage medium | |
| CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
| CN105743645A (en) | PUF (Physical Unclonable Function)-based stream key generation device and method and data encryption and decryption method | |
| CN107682152B (en) | Group key negotiation method based on symmetric cipher | |
| CN103701787A (en) | User name password authentication method implemented on basis of public key algorithm | |
| CN106713349B (en) | Inter-group proxy re-encryption method capable of resisting attack of selecting cipher text | |
| CN112187798A (en) | Bidirectional access control method and system applied to cloud-side data sharing | |
| KR20080050040A (en) | Method for user authentication | |
| CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
| CN110999202A (en) | Computer-implemented system and method for highly secure, high-speed encryption and transmission of data | |
| JP5324813B2 (en) | Key generation apparatus, certificate generation apparatus, service provision system, key generation method, certificate generation method, service provision method, and program | |
| CN104125239A (en) | Network authentication method and system based on data link encryption transmission | |
| CN113268764A (en) | Personal credit data authorization method for mixed chain and threshold proxy re-encryption | |
| US10938790B2 (en) | Security system and method | |
| CN113656818B (en) | Trusted-free third party cloud storage ciphertext deduplication method and system meeting semantic security | |
| CN106330430B (en) | A kind of third party's method of mobile payment based on NTRU | |
| CN104579692A (en) | Information processing method on basis of intelligent card |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20160310 Address after: 201821, room 4, building 1411, 211 Yecheng Road, Jiading Industrial Zone, Shanghai, China Applicant after: Shanghai PeopleNet Security Technology Co., Ltd. Address before: 201203 Shanghai City, Pudong New Area Zhangjiang hi tech park Zuchongzhi Road No. 899 Building 9 room 01 4 Applicant before: Shanghai everybody Science and Technology Ltd. |
|
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20141224 |
|
| RJ01 | Rejection of invention patent application after publication |