CN106789042A - User in IBC domains accesses the authentication key agreement method of the resource in PKI domains - Google Patents
Publication number: CN106789042A (application CN201710081516.7A)
Authority: CN (China)
Prior art keywords: domains, user, ibc, resource, pki
Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H04L9/0847: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these, involving identity based encryption [IBE] schemes (under H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols; H04L9/08 Key distribution or management; H04L9/0816 Key establishment; H04L9/0838 Key agreement)
- H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy (under H04L9/00)
Abstract
An authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, whose main operating steps are: A. Access request: the user in the IBC domain sends a request to access the resource in the PKI domain to the authentication server of its own domain, which authenticates the user's identity and then forwards the access request to the authentication server of the PKI domain. B. Generation and sending of the access authorisation ticket. C. Mutual authentication and session key negotiation: the session key is obtained by XORing the authentication-server part of the session key with the padded user part. D. Re-authentication: when the user part of the session key has exceeded its life cycle but the authentication-server part is still within its life cycle, a user in the IBC domain who still needs to access the resource in the PKI domain can carry out fast re-authentication. E. Terminate the session. The method realises the authenticated key agreement for a user in an IBC domain accessing a resource in a PKI domain effectively, consumes few resources and is secure.
Description
Technical field
The invention belongs to the technical field of cross-heterogeneous-domain authenticated key agreement in information communication.
Background technology
In the various applications of a distributed network environment, such as virtual enterprises and instant messaging systems, the information resources a user wants to access often lie in different trust domains, and different trust domains may be built on different cryptosystems, for example Kerberos-based systems, PKI-based (public key infrastructure) systems and IBC-based (identity-based cryptography) systems. Authenticated key agreement between homogeneous domains has been studied extensively, standardised and widely deployed. Authenticated key agreement between a PKI domain and a Kerberos domain has also received some study. Authenticated key agreement for a user in an IBC domain accessing a resource in a PKI domain, however, has received little attention, although the need for it is considerable in distributed-network scenarios such as virtual enterprises and agile manufacturing.
The only existing literature on authenticated key agreement for a user in an IBC domain accessing a resource in a PKI domain is Document 1, "Cross-domain authorization in heterogeneous domains" (Meng Xin, Hu Liang, et al. Cross-domain authorization of heterogeneous trust domains [J]. Journal of Jilin University, 2010, 48(1): 89-93). It relies on the mutual-trust interconnection system between homogeneous PKI domains and realises trusted interconnection between the IBC and PKI domains through two parts, identity mapping and cross-domain authorisation. But that document makes heavy use of certificates, whose transmission and storage consume substantial resources, which runs counter to the original motivation for designing IBC cryptosystems; the identity-mapping approach is indirect and of low feasibility in practical applications; and the document realises authentication only as an idea of identity mapping and trust transfer, without a concrete protocol flow, so it can only be regarded as a new cross-domain authorisation concept rather than a scheme that can be implemented directly.
The content of the invention
The object of the invention is to provide an authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain. The method realises the authenticated key agreement effectively, consumes few resources and is secure.
The technical scheme adopted by the invention to achieve this object is an authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, whose operating steps are:
A. Access request
The user U in the IBC domain sends a request to access the resource S in the PKI domain to the authentication server TA of the IBC domain. TA authenticates the identity legitimacy of U; if authentication fails, jump to step E. Otherwise TA forwards the access request of U to the authentication server CA of the PKI domain, and sends the public key PK_CA of CA to the user U.
B. Generation and sending of the access authorisation ticket
CA authenticates the identity of TA; if authentication fails, jump to step E. Otherwise CA generates the authentication-server part K1 of the session key K with which U will access S, encrypts it and generates the corresponding access authorisation ticket Ticket1. At the same time CA computes the public key Q_U of U from the identity ID_U carried in the access request forwarded by TA.
CA then signs the public key PK_S of the resource S, the part K1 and the ticket Ticket1 with its own private key SK_CA, obtaining the signed message M_sign; encrypts M_sign under the public key Q_U of U, obtaining the encrypted message M_A2(CA->U); and sends it to U.
C. Mutual authentication and session key negotiation
C1. U decrypts M_A2(CA->U) with its own private key S_U, obtaining PK_S, K1 and Ticket1, and verifies the signature with PK_CA; if verification fails, jump to step E. Otherwise U generates the user part K2 of the session key K, pads K2 at its leading end so that its bit length equals that of K1, and XORs K1 with the padded K2 to obtain the complete session key K.
C2. U encrypts K2 under PK_S, obtaining the user ciphertext S-k2; at the same time U encrypts the identity ID_S of the resource S under the session key K, obtaining the identity ciphertext S-ID. U sends S-k2, S-ID and the ticket Ticket1 from step B together to S.
C3. S decrypts S-k2 with its own private key SK_S, obtaining the user part K2' of the resource-side session key K'; it decrypts Ticket1 and extracts the authentication-server part K1' of K'. S pads K2' at its leading end to the bit length of K1' and XORs K1' with the padded K2' to obtain the complete resource-side session key K'. S then decrypts the received S-ID with K', obtaining the extracted identity ID_S', and compares ID_S' with its own identity ID_S; if they differ, jump to step E. Otherwise S encrypts its identity ID_S under K', obtaining the resource-side identity ciphertext M_A3(S->U), and sends it to U.
C4. U decrypts M_A3(S->U) with the session key K, obtaining the user-side identity ID_S'' of the resource S, and verifies its validity; if verification fails, jump to step E. Otherwise the authenticated key agreement between U and S is complete, and U accesses S securely using the session key K.
D. Re-authentication
When the authentication-server part K1 of the session key K has exceeded its life cycle: if U no longer needs to access S, jump to step E; if U still needs to access S, jump to step A.
When the user part K2 of K has exceeded its life cycle but K1 is still within its life cycle: if U no longer needs to access S, jump to step E; if U still needs to access S, either jump to step A or carry out fast re-authentication.
E. Terminate the session.
Compared with the prior art, the beneficial effects of the invention are:
1. The invention gives a cross-heterogeneous-domain authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, so that the user can access the resource securely.
2. The IBC-domain authentication server sends the public key of the PKI-domain authentication server to the user in its domain, which guarantees that the user can verify the validity of the messages subsequently sent by the PKI-domain authentication server, while the user need not store the certificate of that server, reducing the consumption of system resources.
3. The session key is obtained by XORing the authentication-server part with the user part. Compared with a session key generated solely by the authentication server, the server alone no longer determines the key, so security is increased, while the added resource consumption is small.
Further, the specific way in which the user U in the IBC domain sends the request to access the resource S in the PKI domain to the authentication server TA of the IBC domain in step A of the invention is:
U chooses a random integer r1, r1 ∈ Z_q, where Z_q denotes the set of all integers less than q and q is a prime of more than 32 binary digits. U multiplies r1 by the system public key P_pub (elliptic-curve point multiplication) to obtain the public-key point parameter R3 = r1·P_pub, and computes the bilinear pairing of R3 with the public key Q_TA of TA to obtain the mapping point parameter R1 = e(R3, Q_TA), where e(·,·) denotes the bilinear pairing. At the same time U multiplies r1 by the generator P of the elliptic curve to obtain the generator point parameter R2 = r1·P. U hashes R1 to obtain the hash value H(R1), inverts it to obtain the hash inverse H(R1)^-1, and multiplies its private key S_U by H(R1)^-1 (point multiplication) to obtain the temporary identity Tid_U = H(R1)^-1·S_U. U forms the identity plaintext m1 = {ID_U, ID_S, T1} from its own identity ID_U, the identity ID_S of the resource S and the timestamp T1 of the message, and encrypts m1 with the identity-based encryption algorithm under the public key Q_TA of TA, obtaining the identity ciphertext c1 = IBE{ID_U, ID_S, T1}_Q_TA, where IBE{...}_Q_TA denotes identity-based encryption under Q_TA.
U then forms the request message M_A1 = {Tid_U, R2, c1} from the temporary identity Tid_U, the generator point parameter R2 and the identity ciphertext c1, and sends it to TA.
In this way the temporary identity of the user is constructed from a random number, the system public key of the IBC domain and the generator of the elliptic curve by point multiplication, bilinear pairing and hashing. It is hard to break or forge and can be transmitted in the clear, which reduces both the traffic and the amount of computation while preserving the security of the transmission; and the temporary identity makes the user identity anonymous, preventing malicious entities from tracking the user.
Further, the specific way in which the IBC-domain authentication server TA authenticates the identity legitimacy of the user U in step A of the invention is:
TA computes the bilinear pairing of the generator point parameter R2 from the received request message M_A1 with its own private key S_TA, recomputing the mapping point parameter R1 = e(R2, S_TA). TA hashes the recomputed R1 to obtain H(R1), multiplies the generator P of the elliptic curve by H(R1) to obtain the hash generator point parameter R4 = H(R1)·P, and computes the bilinear pairing of the received temporary identity Tid_U with R4 to obtain the lookup index Ind_U = e(Tid_U, R4) of U at TA. Using Ind_U, TA looks up the identity ID_U' of U stored at TA. TA then decrypts the identity ciphertext c1 in M_A1 with its private key S_TA, obtaining the identity ID_U of U from the identity plaintext m1. If the timestamp T1 is fresh and the stored identity ID_U' agrees with the identity ID_U in m1, the identity legitimacy authentication passes; otherwise it fails.
In this way, when the IBC-domain authentication server verifies the user's identity, it obtains the user's index value at the server from the temporary identity, the generator point parameter, the private key of the server and the generator of the elliptic curve by point multiplication, bilinear pairing and hashing. Compared with the traditional verification of the user's identity legitimacy by an identity-based signature algorithm, this greatly reduces the amount of computation without affecting security.
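Why the lookup index Ind_U computed by TA is the same in every session although Tid_U changes, worked through here as an added derivation in the scheme's own symbols (it is not part of the patent text). It assumes the standard identity-based setup the patent does not spell out: a master secret s held by the IBC key generation centre, system public key P_pub = s·P, private keys S_TA = s·Q_TA and S_U = s·Q_U, and a hash H(R1) taken modulo q so that the inverse H(R1)^-1 exists in Z_q^*.

First, the user and TA obtain the same R1 from different inputs:
$$R_1^{(U)} = e(R_3, Q_{TA}) = e(r_1 P_{pub}, Q_{TA}) = e(r_1 s P, Q_{TA}) = e(P, Q_{TA})^{r_1 s},$$
$$R_1^{(TA)} = e(R_2, S_{TA}) = e(r_1 P, s Q_{TA}) = e(P, Q_{TA})^{r_1 s} = R_1^{(U)},$$
so both sides compute the same $H(R_1)$. The blinding then cancels in the pairing:
$$\mathrm{Ind}_U = e(\mathrm{Tid}_U, R_4) = e\big(H(R_1)^{-1} S_U,\; H(R_1) P\big) = e(S_U, P)^{H(R_1)^{-1} H(R_1)} = e(S_U, P) = e(Q_U, P)^{s}.$$

Ind_U therefore depends only on the user's private key S_U, which is why TA can keep it as a fixed per-user index next to ID_U and resolve the request by a table lookup rather than a signature verification; Tid_U = H(R1)^-1·S_U itself changes with every fresh r1, and a party without S_TA (or r1) cannot recover R1 from the transmitted M_A1 and so cannot strip the blinding. One caveat for implementers: the page's condition that q exceed 32 bits is only a lower bound; the pairing groups in use must have an order far larger than that, since discrete logarithms in groups of a few dozen bits are computed trivially.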
Further, the way in which the authentication server TA of the IBC domain sends the public key PK_CA of the PKI-domain authentication server CA to the user U in step A of the invention is:
TA signs and encrypts the public key PK_CA of CA, the identity ID_CA of CA and the timestamp T3 of the message together, forming the public key ciphertext c2, and sends c2 to the user U.
In this way the IBC-domain authentication server sends the user in its domain a ciphertext containing the public key of the PKI-domain authentication server, which guarantees that the user can verify the validity of the messages subsequently sent by the PKI-domain authentication server, while the user need not store the certificate of that server, reducing the consumption of system resources.
Further, the bit length of the authentication-server part K1 of the session key K in step B of the invention is 128, and the bit length of the user part K2 generated by U in step C1 is 80.
In this way the session key is obtained by XORing the 128-bit authentication-server part with the 80-bit user part padded to 128 bits. Compared with a session key consisting only of the 128-bit authentication-server part, the key has a shorter life cycle, since the user part is renewed more often, the security of the session key is guaranteed, and the added traffic is small.
Further, the specific way of fast re-authentication in step D of the invention is:
U generates the user part K2'' of the re-authentication session key K'', pads K2'' at its leading end so that its bit length equals that of the authentication-server part K1 of K'', and XORs K1 with the padded K2'' to obtain the complete re-authentication session key K''. Then jump to step C2.
In this way, when the user part of the session key has exceeded its life cycle but the authentication-server part is still within its life cycle, a user in the IBC domain who still needs to access the resource in the PKI domain can carry out fast re-authentication without repeating the access request and the generation and distribution of the access authorisation ticket. On the premise of secure access, this greatly reduces the number of interactions, the traffic and the amount of computation of the method.
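The session-key construction of steps C1 and C3, the identity consistency check of steps C3 and C4, and the step D decision including fast re-authentication, as an added Python example (not code from the patent). It assumes that "padding at the leading end" means prepending zero bits to the 80-bit user part until it is 128 bits long, and it stands in for the symmetric encryption of ID_S under the session key with an HMAC-SHA256 tag keyed with K, which reproduces the consistency check but is not the patent's cipher; the direction label in the tag, the expiry times and the identities are constructed for the example.

```python
"""Session-key construction and re-authentication policy of the scheme.

Added example, not the patent's own code. Assumptions not stated on the page:
"padding at the leading end" of the 80-bit user part K2 is taken as prepending
zero bits up to 128 bits; symmetric encryption of ID_S under the session key
is modelled by an HMAC-SHA256 tag keyed with K (a stand-in for the cipher).
"""
import hashlib
import hmac
import secrets

K1_BITS = 128   # authentication-server part, generated by CA (patent: 128 bits)
K2_BITS = 80    # user part, generated by U (patent: 80 bits)


def pad_user_part(k2: bytes, width_bits: int = K1_BITS) -> bytes:
    """Prepend zero bits to K2 until it is as long as K1 (assumed padding rule)."""
    if len(k2) * 8 > width_bits:
        raise ValueError("user part longer than authentication-server part")
    return k2.rjust(width_bits // 8, b"\x00")


def derive_session_key(k1: bytes, k2: bytes) -> bytes:
    """K = K1 XOR pad(K2), computed by U in step C1 and by S in step C3."""
    if len(k1) * 8 != K1_BITS:
        raise ValueError("K1 must be %d bits" % K1_BITS)
    return bytes(a ^ b for a, b in zip(k1, pad_user_part(k2)))


def identity_tag(key: bytes, identity: str, direction: str) -> bytes:
    """Stand-in for encrypting ID_S under the session key (S-ID and M_A3).

    The direction label ("U->S" or "S->U") keeps the two identity ciphertexts
    of steps C2 and C3 distinct; the patent does not specify this detail.
    """
    msg = (direction + ":" + identity).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def identity_matches(key: bytes, identity: str, direction: str, tag: bytes) -> bool:
    """Steps C3/C4: the received identity ciphertext must match the local one."""
    return hmac.compare_digest(identity_tag(key, identity, direction), tag)


def reauth_action(now: float, k1_expires: float, k2_expires: float,
                  still_needs_access: bool) -> str:
    """Step D: 'terminate' (step E), 'restart_A', 'fast_reauth' or 'continue'.

    When only K2 has expired the patent allows either a full restart from A or
    fast re-authentication; this policy picks fast re-authentication.
    """
    if now >= k1_expires:
        return "restart_A" if still_needs_access else "terminate"
    if now >= k2_expires:
        return "fast_reauth" if still_needs_access else "terminate"
    return "continue"


def run_session(resource_id: str) -> dict:
    """Steps C1-C4 with constructed keys, then one fast re-authentication."""
    k1 = secrets.token_bytes(K1_BITS // 8)            # from CA, carried in Ticket1
    k2 = secrets.token_bytes(K2_BITS // 8)            # chosen by U in step C1
    k_user = derive_session_key(k1, k2)               # U, step C1
    s_id = identity_tag(k_user, resource_id, "U->S")  # U -> S, step C2
    k_res = derive_session_key(k1, k2)                # S recomputes K', step C3
    resource_ok = identity_matches(k_res, resource_id, "U->S", s_id)
    m_a3 = identity_tag(k_res, resource_id, "S->U")   # S -> U, step C3
    user_ok = identity_matches(k_user, resource_id, "S->U", m_a3)  # step C4
    k2_new = secrets.token_bytes(K2_BITS // 8)        # step D: fresh K2 only
    k_reauth = derive_session_key(k1, k2_new)         # K'' reuses K1, back to C2
    return {"k1": k1, "session_key": k_user, "resource_ok": resource_ok,
            "user_ok": user_ok, "reauth_key": k_reauth}


if __name__ == "__main__":
    result = run_session("resource-S")
    print("mutual identity check passed:", result["resource_ok"] and result["user_ok"])
    print("leading 48 bits of K equal those of K1:",
          result["session_key"][:6] == result["k1"][:6])
```

A consequence of the construction worth noting: because the user part is only 80 bits and is padded at the leading end, the leading 48 bits of K are exactly the leading 48 bits of K1, and every party holding K1 (CA, and S once it opens Ticket1) is at most 2^80 guesses away from K. The user's contribution bounds the key's strength against those parties, which is what the patent's "shorter life cycle" of K2 is meant to offset.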
The invention is described in further detail below with reference to a specific embodiment.
Specific embodiment
Embodiment
An authenticated key agreement method for a user in an IBC domain accessing a resource in a PKI domain, whose operating steps A to E (A, access request; B, generation and sending of the access authorisation ticket; C, mutual authentication and session key negotiation with sub-steps C1 to C4; D, re-authentication; E, termination of the session) are exactly those described above under "The content of the invention".
In step A of this example, the user U in the IBC domain constructs the request message M_A1 = {Tid_U, R2, c1} as described above: r1 ∈ Z_q with q a prime of more than 32 binary digits, R3 = r1·P_pub, R1 = e(R3, Q_TA), R2 = r1·P, Tid_U = H(R1)^-1·S_U and c1 = IBE{ID_U, ID_S, T1}_Q_TA. The authentication server TA of the IBC domain authenticates the identity legitimacy of the user U who sent the request as described above: it recomputes R1 = e(R2, S_TA), computes R4 = H(R1)·P and the lookup index Ind_U = e(Tid_U, R4), looks up the identity ID_U' stored at TA by Ind_U, decrypts c1 with S_TA, and passes the authentication if the timestamp T1 is fresh and ID_U' agrees with ID_U; otherwise it fails. TA sends the public key PK_CA of the PKI-domain authentication server CA to U as the public key ciphertext c2 formed by signing and encrypting PK_CA, the identity ID_CA and the timestamp T3 together.
In step B of this example the authentication-server part K1 of the session key K is 128 bits long; in step C1 of this example the user part K2 generated by U is 80 bits long.
Fast re-authentication in step D of this example is as described above: U generates the user part K2'' of the re-authentication session key K'', pads it at its leading end to the bit length of the authentication-server part K1 of K'', XORs K1 with the padded K2'' to obtain the complete K'', and jumps to step C2.
Claims (6)
1. An authentication and key agreement method by which a user in an IBC domain accesses a resource in a PKI domain, whose operating steps are:
A. Access request
The user U in the IBC domain sends a request to access the resource S in the PKI domain to the authentication server TA in the IBC domain, and TA authenticates the identity legitimacy of user U. If authentication fails, jump to step E; otherwise TA forwards the access request of user U to the authentication server CA in the PKI domain and sends the public key PK_CA of CA to user U.
B. Generate and send the access authorization ticket
The PKI-domain authentication server CA authenticates the identity of the IBC-domain authentication server TA; if authentication fails, jump to step E. Otherwise CA generates the authentication-server part K1 of the session key K with which user U will access resource S, and encrypts it to produce the corresponding access authorization ticket Ticket1. At the same time CA computes the public key Q_U of user U from the identity ID_U carried in the access request forwarded by TA.
CA signs the public key PK_S of resource S, the authentication-server part K1 of the session key and the access authorization ticket Ticket1 with its own private key SK_CA, obtaining the signed message M_sign; it then encrypts M_sign under the public key Q_U of user U, obtaining the encrypted message M_A2(CA->U), and sends it to user U.
C. Mutual authentication and session key negotiation
C1. User U decrypts the encrypted message M_A2(CA->U) sent by CA with its own private key S_U, obtaining the public key PK_S of resource S, the authentication-server part K1 of the session key and the access authorization ticket Ticket1, and verifies the signature with the public key PK_CA of CA; if verification fails, jump to step E. Otherwise U generates the user part K2 of the session key K, pads K2 at the front until its bit length equals that of K1, and XORs K1 with the padded K2 to obtain the complete session key K.
C2. User U encrypts the user part K2 under the public key PK_S of resource S, obtaining the user ciphertext S-k2; at the same time U encrypts the identity ID_S of resource S under the session key K, obtaining the identity ciphertext S-ID. U then sends the user ciphertext S-k2, the identity ciphertext S-ID and the access authorization ticket Ticket1 from step B together to resource S.
C3. Resource S decrypts the received user ciphertext S-k2 with its own private key SK_S, obtaining the user part K2' of the resource-side session key K'; it decrypts the access authorization ticket Ticket1 and extracts the authentication-server part K1' of K'. S pads K2' at the front until its bit length equals that of K1', and XORs K1' with the padded K2' to obtain the complete resource-side session key K'. S then decrypts the received identity ciphertext S-ID with K', obtaining the extracted identity IDS' of resource S, and checks it against its own identity ID_S; if the two differ, jump to step E. Otherwise S encrypts its identity ID_S under K', obtaining the resource-side identity ciphertext M_A3(S->U), and sends it to user U.
C4. User U decrypts the received resource-side identity ciphertext M_A3(S->U) with the session key K, obtaining the user-side identity IDS of resource S, and verifies its validity; if verification fails, jump to step E. Otherwise the authentication and key agreement between user U and resource S is complete, and user U accesses resource S securely using the session key K.
D. Re-authentication
When the authentication-server part K1 of the session key K exceeds its lifetime: if user U no longer accesses resource S, jump to step E; if user U still needs to access resource S, jump to step A.
When the user part K2 of the session key K exceeds its lifetime but the authentication-server part K1 is still within its lifetime: if user U no longer accesses resource S, jump to step E; if user U still needs to access resource S, jump to step A or perform fast re-authentication.
E. Terminate the session.
2. The authentication and key agreement method of claim 1, characterized in that in step A the user U in the IBC domain sends the request to access the resource S in the PKI domain as follows:
User U chooses a random integer r1 ∈ Z_q, where Z_q = {0, 1, ..., q-1} and q is a prime of more than 32 bits. U multiplies r1 by the system public key P_pub (elliptic-curve point multiplication) to obtain the public-key point parameter R3 = r1·P_pub, and pairs R3 with the public key Q_TA of the IBC-domain authentication server TA to obtain the mapping point parameter R1 = e(R3, Q_TA), where e(·,·) denotes the bilinear pairing. At the same time U multiplies r1 by the generator P of the elliptic curve to obtain the generator point parameter R2 = r1·P. U hashes R1 to obtain the hash value H(R1), inverts it to obtain the hash inverse H(R1)^-1, and multiplies its private key S_U by H(R1)^-1 (point multiplication) to obtain the user's temporary identity Tid_U = H(R1)^-1·S_U. U forms the identity-information plaintext m1 = {ID_U, ID_S, T1} from its own identity ID_U, the identity ID_S of resource S and the sending-time timestamp T1, and encrypts m1 with the identity-based algorithm under the public key Q_TA of TA, obtaining the identity-information ciphertext c1 = IBE{ID_U, ID_S, T1}_Q_TA, where IBE{...}_Q_TA denotes identity-based encryption under Q_TA.
User U then forms the request message M_A1 = {Tid_U, R2, c1} from the temporary identity Tid_U, the generator point parameter R2 and the identity-information ciphertext c1, and sends it to the authentication server TA of the IBC domain.
3. The authentication and key agreement method of claim 1, characterized in that in step A the IBC-domain authentication server TA authenticates the identity legitimacy of the requesting user U as follows:
TA pairs the generator point parameter R2 in the received request message M_A1 with its own private key S_TA to recompute the mapping point parameter R1 = e(R2, S_TA); it hashes the recomputed R1 to obtain the hash value H(R1), multiplies the generator P of the elliptic curve by H(R1) to obtain the hash-generator point parameter R4 = H(R1)·P, and pairs R4 with the received temporary identity Tid_U of user U to obtain the lookup index Ind_U = e(Tid_U, R4) of user U at TA. Using Ind_U, TA retrieves the identity ID_U' that it stores for user U. TA then uses its private key S_TA to decrypt the identity-information ciphertext c1 in M_A1, obtaining the user identity ID_U from the identity-information plaintext m1. If the timestamp T1 is fresh and the stored identity ID_U' agrees with the ID_U recovered from m1, the identity legitimacy check passes; otherwise it fails.
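Why TA's recomputation in claim 3 reproduces the values the user formed in claim 2 (an added derivation, not part of the patent text). It assumes the standard IBC setup the page does not spell out: a master secret s held by TA's key generation centre, system public key P_pub = sP, identity public keys Q_X derived from ID_X, and private keys S_X = sQ_X, with e bilinear in both arguments. It also treats the hash H(R1) as an integer h in Z_q with an inverse modulo q, which requires h ≢ 0 (mod q); an implementation has to reject that case or rehash.

$$R_1 = e(R_3, Q_{TA}) = e(r_1 P_{pub}, Q_{TA}) = e(r_1 s P, Q_{TA}) = e(P, Q_{TA})^{r_1 s}$$

$$e(R_2, S_{TA}) = e(r_1 P, s Q_{TA}) = e(P, Q_{TA})^{r_1 s} = R_1$$

$$Ind_U = e(Tid_U, R_4) = e(h^{-1} S_U,\; h P) = e(S_U, P)^{h^{-1} h} = e(S_U, P) = e(s Q_U, P) = e(Q_U, P_{pub})$$

The first two lines show that only the user (who knows r1) and TA (who holds S_TA) can compute R1 and hence h. The third shows that the lookup index is independent of r1: it equals e(Q_U, P_pub), which TA can precompute from the public identity of each registered user and store beside ID_U', so the table lookup in claim 3 needs no per-session state. Freshness of a request rests on the timestamp T1 inside c1, not on Ind_U.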
4. The authentication and key agreement method of claim 1, characterized in that in step A the IBC-domain authentication server TA sends the public key PK_CA of the PKI-domain authentication server CA to user U as follows:
TA signs and then encrypts the public key PK_CA of CA, the identity ID_CA and the sending-time timestamp T3 together, forming the public-key ciphertext c2, and sends c2 to user U.
5. The authentication and key agreement method of claim 1, characterized in that the authentication-server part K1 of the session key K in step B is 128 bits long, and the user part K2 of the session key K generated by user U in step C1 is 80 bits long.
6. The authentication and key agreement method of claim 1, characterized in that the fast re-authentication of step D proceeds as follows:
User U generates a fresh user part K2'' of the re-authentication session key K'', pads K2'' at the front until its bit length equals that of the authentication-server part K1 of K'', and XORs K1 with the padded K2'' to obtain the complete re-authentication session key K''; it then jumps to step C2.
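The session-key assembly of steps C1 and C3, the key-confirmation round trip of steps C2 to C4, the 128-bit/80-bit sizes of claim 5 and the fast re-authentication of claim 6, as an added Python example that is not the patent's own code. It assumes that "padding at the first place" means prepending zero bits, that K1 and K2 are byte strings, and, because the patent does not name the symmetric cipher, it replaces "encrypt ID_S under K" with an HMAC-SHA256 tag over ID_S (with a direction label, also an assumption). The public-key operations are out of scope: S-k2 and Ticket1 are modelled as carrying K2 and K1 in the clear. The sample values and the identity string are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

K1_BITS = 128  # claim 5: authentication-server part K1, generated by CA
K2_BITS = 80   # claim 5: user part K2, generated by U


def pad_front(k2: bytes, target_bits: int) -> bytes:
    """Steps C1/C3: pad the user part "at the first place", read here as
    prepending zero bits (assumption), until it is as long as K1."""
    target_len = target_bits // 8
    if len(k2) > target_len:
        raise ValueError("user part is longer than the authentication-server part")
    return b"\x00" * (target_len - len(k2)) + k2


def combine(k1: bytes, k2: bytes) -> bytes:
    """K = K1 XOR pad(K2), as in steps C1 and C3 and in claim 6."""
    if len(k1) * 8 != K1_BITS:
        raise ValueError(f"K1 must be {K1_BITS} bits, got {len(k1) * 8}")
    padded = pad_front(k2, len(k1) * 8)
    return bytes(a ^ b for a, b in zip(k1, padded))


def tag(key: bytes, identity: bytes, direction: bytes) -> bytes:
    """Stand-in for "encrypt ID_S under K" (assumption): a keyed MAC over ID_S.
    The direction label separates S-ID (U->S) from M_A3 (S->U) so that S cannot
    satisfy step C4 by echoing the user's own value back."""
    return hmac.new(key, direction + identity, hashlib.sha256).digest()


def user_step_c1(k1: bytes, k2: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """User U: draw the 80-bit user part (unless supplied) and assemble K."""
    if k2 is None:
        k2 = secrets.token_bytes(K2_BITS // 8)
    return combine(k1, k2), k2


def user_step_c2(k: bytes, k2: bytes, ticket1: bytes, id_s: bytes) -> dict:
    """User U -> resource S: {S-k2, S-ID, Ticket1}.  In the patent S-k2 is K2
    under PK_S and Ticket1 seals K1 for S; here both travel in the clear."""
    return {"S-k2": k2, "S-ID": tag(k, id_s, b"U->S"), "Ticket1": ticket1}


def resource_step_c3(id_s: bytes, msg: dict) -> Optional[bytes]:
    """Resource S: rebuild K' from Ticket1 and S-k2, check S-ID against its own
    ID_S, and answer with M_A3.  None models the jump to step E."""
    k_prime = combine(msg["Ticket1"], msg["S-k2"])
    if not hmac.compare_digest(tag(k_prime, id_s, b"U->S"), msg["S-ID"]):
        return None
    return tag(k_prime, id_s, b"S->U")


def user_step_c4(k: bytes, id_s: bytes, m_a3: Optional[bytes]) -> bool:
    """User U: check M_A3 under its own K.  True means both sides hold the same K."""
    if m_a3 is None:
        return False
    return hmac.compare_digest(tag(k, id_s, b"S->U"), m_a3)


def run_session(k1: bytes, k2: bytes, id_s: bytes,
                delivered_k2: Optional[bytes] = None) -> bool:
    """Whole C1-C4 exchange between U and S.  delivered_k2 lets a caller model
    a corrupted or substituted S-k2 arriving at S."""
    k, k2 = user_step_c1(k1, k2)
    msg = user_step_c2(k, k2, k1, id_s)   # Ticket1 modelled as carrying K1
    if delivered_k2 is not None:
        msg["S-k2"] = delivered_k2
    return user_step_c4(k, id_s, resource_step_c3(id_s, msg))


def fast_reauth(k1: bytes, k2_new: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Claim 6: K2 expired while K1 is still valid.  Fresh user part, same K1,
    then the exchange resumes at step C2 (run_session with the new part)."""
    return user_step_c1(k1, k2_new)


if __name__ == "__main__":
    # Constructed sample values: a fixed 128-bit K1 and a fixed 80-bit K2.
    K1 = bytes(range(16))
    K2 = bytes(range(0x10, 0x1A))
    ID_S = b"resource-S@pki.example"   # hypothetical identity of resource S
    print("negotiation complete:", run_session(K1, K2, ID_S))                   # True
    print("corrupted S-k2 rejected:", not run_session(K1, K2, ID_S, bytes(10)))  # True
    K_new, _ = fast_reauth(K1)
    print("fast re-authentication key differs from K:", K_new != combine(K1, K2))
```

One consequence of the construction is visible in combine(): with zero padding, the leading 48 bits of K are the leading 48 bits of K1 unchanged, and K XOR K1 is exactly pad(K2), so a party that already holds K1 learns K from K2 alone. The freshness that fast re-authentication adds therefore comes entirely from the 80-bit K2''; K1 is reused until its own lifetime expires, as step D describes.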
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710081516.7A CN106789042B (en) | 2017-02-15 | 2017-02-15 | Authentication key negotiation method for user in IBC domain to access resources in PKI domain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710081516.7A CN106789042B (en) | 2017-02-15 | 2017-02-15 | Authentication key negotiation method for user in IBC domain to access resources in PKI domain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106789042A true CN106789042A (en) | 2017-05-31 |
CN106789042B CN106789042B (en) | 2019-12-31 |
Family
ID=58957291
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710081516.7A Active CN106789042B (en) | 2017-02-15 | 2017-02-15 | Authentication key negotiation method for user in IBC domain to access resources in PKI domain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106789042B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101431415A (en) * | 2008-12-12 | 2009-05-13 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
CN101610153A (en) * | 2008-06-20 | 2009-12-23 | 航天信息股份有限公司 | Electronic signature authentication method based on an elliptic curve signature algorithm |
CN102624528A (en) * | 2012-03-02 | 2012-08-01 | 中国人民解放军总参谋部第六十一研究所 | IBAKA (Identity Based Authentication and Key Agreement) method |
CN102970144A (en) * | 2012-12-20 | 2013-03-13 | 四川长虹电器股份有限公司 | Identity-based authentication method |
CN103780618A (en) * | 2014-01-22 | 2014-05-07 | 西南交通大学 | Cross-heterogeneous-domain identity authentication and session key negotiation method based on an access authorization ticket |
CN105187205A (en) * | 2015-08-05 | 2015-12-23 | 北京航空航天大学 | Certificateless authentication key negotiation method and system based on hierarchical identities |
US20160323114A1 (en) * | 2015-05-03 | 2016-11-03 | Ronald Francis Sulpizio, JR. | Temporal key generation and PKI gateway |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109873699A (en) * | 2017-12-05 | 2019-06-11 | 南京师范大学 | Revocable identity-based public key encryption method |
CN109873699B (en) * | 2017-12-05 | 2021-09-28 | 南京师范大学 | Revocable identity-based public key encryption method |
CN108737436B (en) * | 2018-05-31 | 2020-02-21 | 西安电子科技大学 | Cross-domain server identity authentication method based on a trust-alliance blockchain |
CN108737436A (en) * | 2018-05-31 | 2018-11-02 | 西安电子科技大学 | Cross-domain server identity authentication method based on a trust-alliance blockchain |
CN111106931B (en) * | 2018-10-26 | 2022-08-02 | 中国电信股份有限公司 | Authentication method, authentication device, terminal and computer-readable storage medium |
CN111106931A (en) * | 2018-10-26 | 2020-05-05 | 中国电信股份有限公司 | Authentication method, authentication device, terminal and computer-readable storage medium |
CN109327309A (en) * | 2018-11-08 | 2019-02-12 | 北京中电华大电子设计有限责任公司 | Cross-domain key management method based on a hybrid IBC and PKI system |
CN109714167A (en) * | 2019-03-15 | 2019-05-03 | 北京邮电大学 | Authentication and key negotiation method and equipment suitable for mobile application signing |
CN109981289A (en) * | 2019-03-26 | 2019-07-05 | 电子科技大学 | Batch authentication method for the elliptic curve digital signature algorithm under implicit certificates |
CN109981289B (en) * | 2019-03-26 | 2020-03-31 | 电子科技大学 | Batch authentication method for the elliptic curve digital signature algorithm under implicit certificates |
CN111654366B (en) * | 2020-05-09 | 2023-04-07 | 中南民族大学 | Secure bidirectional heterogeneous strong designated-verifier signature method between PKI and IBC |
CN111654366A (en) * | 2020-05-09 | 2020-09-11 | 中南民族大学 | Secure bidirectional heterogeneous strong designated-verifier signature method between PKI and IBC |
CN114024749A (en) * | 2021-11-05 | 2022-02-08 | 西北工业大学 | Logical cross-domain access authentication method for industrial equipment based on inter-domain cooperation of central nodes |
CN114024757A (en) * | 2021-11-09 | 2022-02-08 | 国网山东省电力公司电力科学研究院 | Electric power Internet of Things edge terminal access method and system based on an identity-based cryptographic algorithm |
CN114024757B (en) * | 2021-11-09 | 2024-02-02 | 国网山东省电力公司电力科学研究院 | Electric power Internet of Things edge terminal access method and system based on an identity-based cryptographic algorithm |
CN114221796A (en) * | 2021-12-02 | 2022-03-22 | 北京八分量信息科技有限公司 | Anonymous identity authentication method and device in heterogeneous networks, and related products |
CN114500040A (en) * | 2022-01-24 | 2022-05-13 | 北京金数信安科技有限公司 | Secure and efficient communication method based on the Chinese national (SM) cryptographic algorithms, and implementation thereof |
CN114500040B (en) * | 2022-01-24 | 2023-09-19 | 北京金数信安科技有限公司 | Secure and efficient communication method based on the Chinese national (SM) cryptographic algorithms, and implementation thereof |
CN116321159A (en) * | 2023-01-14 | 2023-06-23 | 国网湖北省电力有限公司荆门供电公司 | Distributed station data transmission method based on the Beidou communication service |
CN116321159B (en) * | 2023-01-14 | 2024-01-02 | 国网湖北省电力有限公司荆门供电公司 | Distributed station data transmission method based on the Beidou communication service |
Also Published As
Publication number | Publication date |
---|---|
CN106789042B (en) | 2019-12-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106789042A (en) | Authentication key agreement method for a user in the IBC domain to access a resource in the PKI domain | |
Chen et al. | Security enhancement on an improvement on two remote user authentication schemes using smart cards | |
Jiang et al. | A privacy enhanced authentication scheme for telecare medical information systems | |
US8930704B2 (en) | Digital signature method and system | |
CN104754581B (en) | Security authentication method for LTE wireless networks based on a public-key cryptosystem | |
KR20190073472A (en) | Method, apparatus and system for transmitting data | |
KR101730757B1 (en) | Method and system for accessing a device by a user | |
CN105812349B (en) | Identity-based asymmetric key distribution and message encryption method | |
CN103414559B (en) | Identity authentication method based on an IBE-like system in a cloud computing environment | |
CN107948156A (en) | Identity-based closed key management method and system | |
CN109243020A (en) | Certificateless smart lock identity authentication method | |
CN105516119A (en) | Cross-domain identity authentication method based on proxy re-signature | |
CN108833373A (en) | Instant messaging and anonymous access method for relationship-privacy-preserving social networks | |
CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
CN106850584B (en) | Anonymous authentication method for client/server networks | |
CN106230B40B (en) | High-security command authentication method | |
US9641333B2 (en) | Authentication methods, systems, devices, servers and computer program products, using a pairing-based cryptographic approach | |
CN116599659B (en) | Certificateless identity authentication and key negotiation method and system | |
CN116388995A (en) | Lightweight smart grid authentication method based on PUF | |
CN106877996B (en) | Authentication key agreement method for a user in the PKI domain to access a resource in the IBC domain | |
CN106487502A (en) | Lightweight password-based key agreement method | |
CN115459975A (en) | Certificateless access authentication method for industrial edge equipment based on Chebyshev polynomials | |
CN114866244A (en) | Controllable anonymous authentication method, system and device based on ciphertext block chaining encryption | |
Zhang et al. | Mobile payment protocol based on dynamic mobile phone token | |
Ahmed et al. | Mutual authentication for mobile cloud computing: Review and suggestion | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |
2023-03-22 | TR01 | Transfer of patent right | Effective date of registration: 2023-03-22. Patentee before: SOUTHWEST JIAOTONG University, No. 111, Section 1, Second Ring Road, Chengdu 610031, Sichuan, China. Patentee after: Yami Technology (Guangzhou) Co.,Ltd., Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province. |